Azure AD joined PCs-UAC is not working

%3CLINGO-SUB%20id%3D%22lingo-sub-3001951%22%20slang%3D%22en-US%22%3EAzure%20AD%20joined%20PCs-UAC%20is%20not%20working%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3001951%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20transferred%20some%20new%20Azure%20AD%20joined%20PCs%20(MS%20365%20Business%20Premium)%20to%20a%20client's%20site%20(in%202%20sites).%20All%20sites%20have%20a%20site-to-site%20VPN.%20When%20PCs%20are%20in%20any%20of%20these%20sites%2C%20UAC%20is%20not%20working%20when%20they%20are%20in%20the%20business%20network.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20suggestion%20of%20what%20to%20check%20(to%20start)%3B%3C%2FP%3E%3CP%3EBest%20regards%3C%2FP%3E%3CP%3EK%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3001951%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3011368%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20joined%20PCs-UAC%20is%20not%20working%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3011368%22%20slang%3D%22en-US%22%3EWhat%20exactly%20doesn't%20work%20in%20UAC%3F%3CBR%20%2F%3EDo%20the%20users%20have%20local%20admin%20rights%3F%3CBR%20%2F%3EIf%20not%20already%20done%2C%20maybe%20you%20can%20review%20GPO.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3011538%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20joined%20PCs-UAC%20is%20not%20working%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3011538%22%20slang%3D%22en-US%22%3E%3CP%3EThank%20you%20for%20your%20reply%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F165765%22%20target%3D%22_blank%22%3E%40ShaikhRA%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20users%20do%20not%20have%20admin%20rights%20(therefore%20the%20UAC%20prompt).%20There%20is%20no%20GPO%20configured%20in%20Azure%20AD.%20The%20UAC%20issue%20is%20that%2C%20when%20the%20PC%20is%20connected%20to%20the%20company's%20network%2C%20everything%20(except%20UAC%20username%20and%20password%20prompt)%2C%20work%20as%20expected.%20UAC%20prompt%20does%20not%20appear%20at%20all.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ebest%20regards%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EK%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Hello,

 

We transferred some new Azure AD joined PCs (MS 365 Business Premium) to a client's site (in 2 sites). All sites have a site-to-site VPN. When PCs are in any of these sites, UAC is not working when they are in the business network.

 

Any suggestion of what to check (to start);

Best regards

K

4 Replies
What exactly doesn't work in UAC?
Do the users have local admin rights?
If not already done, maybe you can review GPO.

Thank you for your reply @ShaikhRA 

The users do not have admin rights (therefore the UAC prompt). There is no GPO configured in Azure AD. The UAC issue is that, when the PC is connected to the company's network, everything (except UAC username and password prompt), work as expected. UAC prompt does not appear at all.

 

best regards

 

K

The client's sites you mentioned are local Active Directory sites or something else?
If they are, what about the non Azure AD machines which are already in the sites. Do they have the same issue with UAC?

@ShaikhRA 

Local sites have only one file server which is bound to on premises AD. The computers with the UAC issue are not bound to on premises AD, only to Azure AD. Local AD does not communicate at all with Azure AD (no Azure AD connect or other mechanism).

 

Best regards

 

Kostas

We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE