I'm doing some testing on a standalone (no on-prem AD sync) Azure AD test tenancy, and have set up a user (non-admin) account, installed a base Windows 10 system, and joined it to Azure AD (shows Azure AD Joined) using the user account. It appears to have created that account as a local admin, so I've enabled Remote Desktop and am attempting to log into it using the test user from my normal work computer (local AD joined, Hybrid Azure AD in production tenancy). However, I keep getting "The logon attempt failed":
On the Win10 system (the RDP "server"), in the Event Log under Applications and Services -> Microsoft -> Windows -> RemoteDesktopServices-RdpCoreTS, I can see at the same time two warnings:
Event ID 142, Category RemoteFX module: TCP socket READ operation failed, error 64
Event ID 226, Category RemoteFX module: RDP_TCP: An error was encountered when transitioning from StateUnknown in response to Event_Disconnect (error code 0x80070040).
Using WireShark on the "server" side, I can see my "client" system connecting and negotiating TLSv1.2 with Client Hello, Server Hello, and passing TLS "Application Data" from client to server, then "server" back to "client" (with ACKs sent back for each). At this point, it looks like my "client" sends a TCP RST.
I've tried the username in the following format, all result in the same error and same Wireshark RST:
name@domain
AzureAD\name@domain
.\AzureAD\name@domain
And I've also tried to connect using the the Remote Desktop store app, which gave me:
Error code: 0x9735
Extended error code: 0x0
Activity ID: {af13979d-a3b9-41c5-8205-5bab5ca60000}
I've seen several articles that indicate I need to disable NLS on both sides, but 1) that seems like a bad idea without knowing why that's required, and 2) I tried it anyway and it didn't work.
I'm out of ideas. Anyone smarter than me able to point me in the right direction?