How can we improve Azure Active Directory?

← Azure Active Directory

Support Azure AD domain join for Windows Server 2016

Microsoft should strongly consider implementing support for Azure AD join in future builds of Windows Server 2016. I how a couple of customers that have nearly finished the transition to all cloud and is left with a couple of servers due to legacy software. They are currently left with the option to deploy Azure AD Domain Services for supporting a couple (2-5) servers.

https://windowsserver.uservoice.com/forums/295047-general-feedback/suggestions/32995450-support-azure-ad-domain-join-for-windows-server-20

268 votes
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Peter Selch Dahl shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

31 comments

Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    Should be able to login to my Windows servers with an Azure AD account, just as I do today with my Windows 10 clients, we are in 2020, how could this not be supported....even in Server 2019 I hear its not there, doesn't sound like the Microsoft I know!!

  • Matt Brock commented  ·   ·  Flag as inappropriate

    Agreed. This needs to be a thing in future Windows Server releases (including 2019). And if you could backport it to Server 2016 would be nice too.

  • Matteo Lo Piccolo commented  ·   ·  Flag as inappropriate

    Unplanned.... wow.... just.. why do you want us to still use an on-prem AD... its unnecessary and AD connect is really a bad idea.. come on..

  • Thomas Baklund commented  ·   ·  Flag as inappropriate

    This is really needed. The servers use AADDS today and it has a few limitations. If the servers and WVD could just join AAD as regulers W10 does and we could eliminiate the need of an AD DS server with the users it would help us a lot.

    Login to app servers/RDS could be done using the already logon hello credentials
    Guest users from trusted organisations wich use same ERP system but is in a different tenant can use their own credentials an Guest user to access instead of having to get a second account in correct domain wich leavs a lot of confusion.

  • L commented  ·   ·  Flag as inappropriate

    This is terrible. Why is it in Windows 10 and not Server 2019!?

  • SS commented  ·   ·  Flag as inappropriate

    I agree, for SME who want to go cloud only, it would be ideal if we could just migrate the LOB apps to Azure VM servers and just join to Azure AD....saves an awful lot of work and costs to the clients..

    I am also PoC a Hybrid Azure AD join RDSH server scenario, so I can test Conditional Access against users sessions initiating from a Hybrid joined RDSH device.

    We have a test tenant with public FQDN and routable. I have followed all MS documentation, setup AADConnect, SSO, SCP, GPOs followed it to the letter, but for some reason the device ID does not appear in Azure for the auto join to occur!

    I tried Winodws Server 2012 R2 (with workplace client), 2016 DC and 2019 DC versions, none of them I can Hybrid join to Azure AD...

    it would have been ideal if like Windows 10 there was an option to Join to Azure AD from settings>accounts, rather than going through all this work...

  • Anonymous commented  ·   ·  Flag as inappropriate

    windows 10 - Azure AD.
    Server 2019 - no Azure AD?
    C'mon, help us embrace SaaS, while making you some money in the process. Forget On-Prem AD.

  • Christopher Neufeld commented  ·   ·  Flag as inappropriate

    In an increasingly cloud-centric environment, this is a must-have. We run a slew of servers across various cloud services and it would be extremely beneficial to be able to centralize and manage logins using Azure AD.

  • Neil G. commented  ·   ·  Flag as inappropriate

    In case its not clear - this is a request for windows server to be able to register as a known device to Azure AD -- NOT Hybrid join -- with the short term goal of being able to login with our Office 365/AzureAD identities as well as local "break the glass" login.

    Probably long term goal would be MDM server management through Intune but that is a whole different request.

  • HenrikE commented  ·   ·  Flag as inappropriate

    This is needed. The comment below shows that Microsoft don't even understand the question. We want to be able to join server OS directly to AAD, just as we do clients. While this may mean that the server OS will need to be able to consume an OAUTH token, it is most desirable to be able to remove the onprem AD altogether while keeping the option to deploy the occational member server.

← Previous 1

Azure Active Directory: Domain Join

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice