Skip to content

Commit a075f72

Browse files
authored
Merge pull request #180397 from tanuballa/patch-169
add clarification about all AAD setup methods
2 parents 7493078 + 573762c commit a075f72

File tree

1 file changed

+8
-6
lines changed

1 file changed

+8
-6
lines changed

articles/bastion/connect-native-client-windows.md

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -13,18 +13,16 @@ ms.custom: ignite-fall-2021
1313

1414
# Connect to a VM using Bastion and the native client on your Windows computer (Preview)
1515

16-
Azure Bastion now offers support for connecting to target VMs in Azure using a native client on your Windows workstation. This feature lets you connect to your target VMs via Bastion using Azure CLI and expands your sign-in options to include local SSH key pair and Azure Active Directory (Azure AD). This article helps you configure Bastion with the required settings, and then connect to a VM in the VNet. For more information, see the [What is Azure Bastion?](bastion-overview.md).
16+
Azure Bastion now offers support for connecting to target VMs in Azure using a native RDP or SSH client on your Windows workstation. This feature lets you connect to your target VMs via Bastion using Azure CLI and expands your sign-in options to include local SSH key pair and Azure Active Directory (Azure AD). This article helps you configure Bastion with the required settings, and then connect to a VM in the VNet. For more information, see the [What is Azure Bastion?](bastion-overview.md).
1717

1818
> [!NOTE]
1919
> This configuration requires the Standard SKU for Azure Bastion.
2020
>
2121
22-
> [!IMPORTANT]
23-
> This feature is still rolling out globally. If you cannot access it in the Azure portal, please wait for a few days and try again.
24-
25-
2622
Currently, this feature has the following limitations:
2723

24+
* Native client support is not yet available for use from your local Linux workstation. If you are connecting to your target VM from a Linux workstation, please use the Azure portal experience.
25+
2826
* Signing in to your target VM using a custom port or protocol is not yet available with native client support. If you want to use a custom port or protocol to sign in to your target VM via Bastion, use the Azure portal experience.
2927

3028
* Signing in using a local username and password to your target VM is not yet supported. If you want to use local username and password credentials to sign into your target VM via Bastion use the Azure portal experience.
@@ -38,6 +36,10 @@ Before you begin, verify that you have met the following criteria:
3836
* The latest version of the CLI commands (version 2.30 or later) is installed. For information about installing the CLI commands, see [Install the Azure CLI](/cli/azure/install-azure-cli) and [Get Started with Azure CLI](/cli/azure/get-started-with-azure-cli).
3937
* An Azure virtual network.
4038
* A virtual machine in the virtual network.
39+
* If you plan to sign into your virtual machine using your Azure AD credentials, make sure your virtual machine is set up using one of the following methods:
40+
* Enable Azure AD login for a [Windows VM](../active-directory/devices/howto-vm-sign-in-azure-ad-windows.md) or [Linux VM](../active-directory/devices/howto-vm-sign-in-azure-ad-linux.md).
41+
* [Configure your Windows VM to be Azure AD-joined](../active-directory/devices/concept-azure-ad-join.md).
42+
* [Configure your Windows VM to be hybrid Azure AD-joined](../active-directory/devices/concept-azure-ad-join-hybrid.md).
4143

4244
## Configure Bastion
4345

@@ -72,7 +74,7 @@ Verify that the following roles and ports are configured in order to connect.
7274
* Reader role on the virtual machine.
7375
* Reader role on the NIC with private IP of the virtual machine.
7476
* Reader role on the Azure Bastion resource.
75-
* Virtual Machine Administrator Login or Virtual Machine User Login role, if you are using the Azure AD login method.
77+
* Virtual Machine Administrator Login or Virtual Machine User Login role, if you are using the Azure AD login method. Note that you only need to do this if you're enabling Azure AD login using the process described here: [Azure Windows VMs and Azure AD](../active-directory/devices/howto-vm-sign-in-azure-ad-windows.md) or [Azure Linux VMs and Azure AD](../active-directory/devices/howto-vm-sign-in-azure-ad-linux.md)
7678

7779
### Ports
7880

0 commit comments

Comments
 (0)