How to manage on-premise servers using Azure AD credentials?Connect Azure Active Directory to on premise customer ADSetup on-premise AD + same users at Exchange Online (+ Azure AD?)Manage Client Servers without joining domainScheduled Task in Windows Server 2016, run by non-admin UsersRemote Desktop Connection to Azure Server using Office365 User not workingAzure AD Users logging into Remote Desktop ServerWindows 2016 Server on site domain join with Azure ADAccounts are in Azure AD, we now have an on-premise server.How to stop syncing Windows Server with Azure Active DirectoryHow To Fix an Azure-Only Active Directory Environment

How do you cope with rejection?

Taylor series leads to two different functions - why?

Physically unpleasant work environment

Largest memory peripheral for Sinclair ZX81?

Told to apply for UK visa before other visas

Can 2 light bulbs of 120V in series be used on 230V AC?

Sort a section of a file

How many Dothraki are left as of Game of Thrones S8E5?

RegEx with d doesn’t work in if-else statement with [[

Pedaling at different gear ratios on flat terrain: what's the point?

Why is so much ransomware breakable?

Cathy’s Composite party is powered by three Prime Pals. Can you find them?

Why would you put your input amplifier in front of your filtering for and ECG signal?

Gambler's Fallacy Dice

What color to choose as "danger" if the main color of my app is red

Can a large hemispherical planet be stable?

I recently started my machine learning PhD and I have absolutely no idea what I'm doing

Can a generation ship withstand its own oxygen and daily wear for many thousands of years?

How come Arya Stark wasn't hurt by this in Game of Thrones Season 8 Episode 5?

Are spiritual pleasures > carnal pleasures, according to Catholicism?

Working hours and productivity expectations for game artists and programmers

on the truth quest vs in the quest for truth

Using `printf` to print variable containing `%` percent sign results in "bash: printf: `p': invalid format character"

How was the blinking terminal cursor invented?



How to manage on-premise servers using Azure AD credentials?


Connect Azure Active Directory to on premise customer ADSetup on-premise AD + same users at Exchange Online (+ Azure AD?)Manage Client Servers without joining domainScheduled Task in Windows Server 2016, run by non-admin UsersRemote Desktop Connection to Azure Server using Office365 User not workingAzure AD Users logging into Remote Desktop ServerWindows 2016 Server on site domain join with Azure ADAccounts are in Azure AD, we now have an on-premise server.How to stop syncing Windows Server with Azure Active DirectoryHow To Fix an Azure-Only Active Directory Environment






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








3















We run a small business and have begun to use Azure AD to manage our users. Our Windows 10 workstations are connected to the Azure domain via "Connect to work or school" setting, and that works nicely.



The problem is we have a couple of Windows Server 2016 installations in the office. Currently they are setup with local admin accounts and people log in as that in order to administer them.



What we really want is to be able to grant admin rights to our Azure AD users and allow them to login to the server with their regular Azure AD credentials.



What is the equivalent of "Connect to work or school" for Windows server 2016? How do we allow Windows server to grant admin rights to specific AD users?



I have seen Azure AD Connect, but that seems to require us to setup AD locally and sync it with Azure. I'm concerned, if this is the solution, that it will complicate our admin load. We are just looking for a really simple solution. If Azure AD connect is the answer, what is the simplest way to set it up to achieve the most basic on-site server administration for Azure AD users?






azure-active-directory windows-server-2016







share|improve this question






















  • Seems Windows Server 2016 Essentials may be an easier option - it appears to have a built in Azure AD integration more similar to Windows

    – Schneider
    Oct 10 '16 at 5:56

















3















We run a small business and have begun to use Azure AD to manage our users. Our Windows 10 workstations are connected to the Azure domain via "Connect to work or school" setting, and that works nicely.



The problem is we have a couple of Windows Server 2016 installations in the office. Currently they are setup with local admin accounts and people log in as that in order to administer them.



What we really want is to be able to grant admin rights to our Azure AD users and allow them to login to the server with their regular Azure AD credentials.



What is the equivalent of "Connect to work or school" for Windows server 2016? How do we allow Windows server to grant admin rights to specific AD users?



I have seen Azure AD Connect, but that seems to require us to setup AD locally and sync it with Azure. I'm concerned, if this is the solution, that it will complicate our admin load. We are just looking for a really simple solution. If Azure AD connect is the answer, what is the simplest way to set it up to achieve the most basic on-site server administration for Azure AD users?






azure-active-directory windows-server-2016







share|improve this question






















  • Seems Windows Server 2016 Essentials may be an easier option - it appears to have a built in Azure AD integration more similar to Windows

    – Schneider
    Oct 10 '16 at 5:56













3












3








3








We run a small business and have begun to use Azure AD to manage our users. Our Windows 10 workstations are connected to the Azure domain via "Connect to work or school" setting, and that works nicely.



The problem is we have a couple of Windows Server 2016 installations in the office. Currently they are setup with local admin accounts and people log in as that in order to administer them.



What we really want is to be able to grant admin rights to our Azure AD users and allow them to login to the server with their regular Azure AD credentials.



What is the equivalent of "Connect to work or school" for Windows server 2016? How do we allow Windows server to grant admin rights to specific AD users?



I have seen Azure AD Connect, but that seems to require us to setup AD locally and sync it with Azure. I'm concerned, if this is the solution, that it will complicate our admin load. We are just looking for a really simple solution. If Azure AD connect is the answer, what is the simplest way to set it up to achieve the most basic on-site server administration for Azure AD users?






azure-active-directory windows-server-2016







share|improve this question














We run a small business and have begun to use Azure AD to manage our users. Our Windows 10 workstations are connected to the Azure domain via "Connect to work or school" setting, and that works nicely.



The problem is we have a couple of Windows Server 2016 installations in the office. Currently they are setup with local admin accounts and people log in as that in order to administer them.



What we really want is to be able to grant admin rights to our Azure AD users and allow them to login to the server with their regular Azure AD credentials.



What is the equivalent of "Connect to work or school" for Windows server 2016? How do we allow Windows server to grant admin rights to specific AD users?



I have seen Azure AD Connect, but that seems to require us to setup AD locally and sync it with Azure. I'm concerned, if this is the solution, that it will complicate our admin load. We are just looking for a really simple solution. If Azure AD connect is the answer, what is the simplest way to set it up to achieve the most basic on-site server administration for Azure AD users?






azure-active-directory windows-server-2016




azure-active-directory windows-server-2016






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Oct 10 '16 at 1:06









SchneiderSchneider

47531021




47531021












  • Seems Windows Server 2016 Essentials may be an easier option - it appears to have a built in Azure AD integration more similar to Windows

    – Schneider
    Oct 10 '16 at 5:56

















  • Seems Windows Server 2016 Essentials may be an easier option - it appears to have a built in Azure AD integration more similar to Windows

    – Schneider
    Oct 10 '16 at 5:56
















Seems Windows Server 2016 Essentials may be an easier option - it appears to have a built in Azure AD integration more similar to Windows

– Schneider
Oct 10 '16 at 5:56





Seems Windows Server 2016 Essentials may be an easier option - it appears to have a built in Azure AD integration more similar to Windows

– Schneider
Oct 10 '16 at 5:56










2 Answers
2






active

oldest

votes


















0














In this case (for Windows Server), even though you have successfully synced your on premise Computer account into Azure AD using AAD Connect, you can't manage to control who can or cannot manage the server just as doing that on on-premise, even allow AAD user to log in.






share|improve this answer






























    0














    Take a look at Azure AD DS - https://azure.microsoft.com/en-us/services/active-directory-ds/



    If you have these servers in your on-premises environment it will require some networking (VPN) to be configured. AAD DS have limitations but if you need it only for managing security and domain join, do not require large directory structures, GPOs etc. it will be enough.






    share|improve this answer























      Your Answer








      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "2"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f808047%2fhow-to-manage-on-premise-servers-using-azure-ad-credentials%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      0














      In this case (for Windows Server), even though you have successfully synced your on premise Computer account into Azure AD using AAD Connect, you can't manage to control who can or cannot manage the server just as doing that on on-premise, even allow AAD user to log in.






      share|improve this answer



























        0














        In this case (for Windows Server), even though you have successfully synced your on premise Computer account into Azure AD using AAD Connect, you can't manage to control who can or cannot manage the server just as doing that on on-premise, even allow AAD user to log in.






        share|improve this answer

























          0












          0








          0







          In this case (for Windows Server), even though you have successfully synced your on premise Computer account into Azure AD using AAD Connect, you can't manage to control who can or cannot manage the server just as doing that on on-premise, even allow AAD user to log in.






          share|improve this answer













          In this case (for Windows Server), even though you have successfully synced your on premise Computer account into Azure AD using AAD Connect, you can't manage to control who can or cannot manage the server just as doing that on on-premise, even allow AAD user to log in.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Oct 10 '16 at 12:53









          Bifeng Dong - MSFTBifeng Dong - MSFT

          26614




          26614























              0














              Take a look at Azure AD DS - https://azure.microsoft.com/en-us/services/active-directory-ds/



              If you have these servers in your on-premises environment it will require some networking (VPN) to be configured. AAD DS have limitations but if you need it only for managing security and domain join, do not require large directory structures, GPOs etc. it will be enough.






              share|improve this answer



























                0














                Take a look at Azure AD DS - https://azure.microsoft.com/en-us/services/active-directory-ds/



                If you have these servers in your on-premises environment it will require some networking (VPN) to be configured. AAD DS have limitations but if you need it only for managing security and domain join, do not require large directory structures, GPOs etc. it will be enough.






                share|improve this answer

























                  0












                  0








                  0







                  Take a look at Azure AD DS - https://azure.microsoft.com/en-us/services/active-directory-ds/



                  If you have these servers in your on-premises environment it will require some networking (VPN) to be configured. AAD DS have limitations but if you need it only for managing security and domain join, do not require large directory structures, GPOs etc. it will be enough.






                  share|improve this answer













                  Take a look at Azure AD DS - https://azure.microsoft.com/en-us/services/active-directory-ds/



                  If you have these servers in your on-premises environment it will require some networking (VPN) to be configured. AAD DS have limitations but if you need it only for managing security and domain join, do not require large directory structures, GPOs etc. it will be enough.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Jan 10 '17 at 17:14









                  Tomasz OnyszkoTomasz Onyszko

                  1211




                  1211



























                      draft saved

                      draft discarded
















































                      Thanks for contributing an answer to Server Fault!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid


                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.

                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f808047%2fhow-to-manage-on-premise-servers-using-azure-ad-credentials%23new-answer', 'question_page');

                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      -

                      Popular posts from this blog

                      How to write a 12-bar blues melodyI-IV-V blues progressionHow to play the bridges in a standard blues progressionHow does Gdim7 fit in C# minor?question on a certain chord progressionMusicology of Melody12 bar blues, spread rhythm: alternative to 6th chord to avoid finger stretchChord progressions/ Root key/ MelodiesHow to put chords (POP-EDM) under a given lead vocal melody (starting from a good knowledge in music theory)Are there “rules” for improvising with the minor pentatonic scale over 12-bar shuffle?Confusion about blues scale and chords

                      Image
                      Why is a set not a partition of itself? Would an 8% reduction in drag outweigh the weight addition from this custom CFD-tested winglet? Labeling matrices/rectangles and drawing Sigma inside rectangle Unexpected Netflix account registered to my Gmail address - any way it could be a hack attempt? 51% attack - apparently very easy? refering to CZ's "rollback btc chain" - How to make sure such corruptible scenario can never happen so easily? Missouri raptors have wild hairdos Can someone explain homicide-related death rates? Why is tomato paste so cheap? What are the implications of the new alleged key recovery attack preprint on SIMON? Effects of ~10atm pressure on engine design Is taking modulus on both sides of an equation valid? Jumping frame contents with beamer and pgfplots Are there any established rules for splitting books into parts, chapters, sections etc? Anatomically Correct Carnivorous Tree Why do I get two different answers when solvi...
                      Read more

                      What if the end-user didn't have the required library?What is setup.py?What is a clean, pythonic way to have multiple constructors in Python?What does Ruby have that Python doesn't, and vice versa?What is the reason for having '//' in Python?How do I create a namespace package in Python?How to package shared objects that python modules depend on?setuptools vs. distutils: why is distutils still a thing?Navigation in Windows 10 vs code not going to virtualenv library when the same library is installed at user levelPython create package for local usePackaging a project that uses multiple python versionsWhy is permission denied on pip install except for when “--user” is included at end of command?

                      Image
                      Can a tourist shoot a gun in the USA? Will a coyote attack my dog on a leash while I'm on a hiking trail? Labeling matrices/rectangles and drawing Sigma inside rectangle How can I answer high-school writing prompts without sounding weird and fake? Is there ever any indication in the MCU as to how Spider-Man got his powers? Jumping frame contents with beamer and pgfplots Would an 8% reduction in drag outweigh the weight addition from this custom CFD-tested winglet? Is it possible to create different colors in rocket exhaust? German characters on US-International keyboard layout Does gravity affect the time evolution of a QM wave function? 51% attack - apparently very easy? refering to CZ's "rollback btc chain" - How to make sure such corruptible scenario can never happen so easily? Why are solar panels kept tilted? Is Germany still exporting arms to countries involved in Yemen? Unexpected Netflix account registered to my Gmail address - any wa...
                      Read more

                      Esgonzo ibérico Índice Descrición Distribución Hábitat Ameazas Notas Véxase tamén "Acerca dos nomes dos anfibios e réptiles galegos""Chalcides bedriagai"Chalcides bedriagai en Carrascal, L. M. Salvador, A. (Eds). Enciclopedia virtual de los vertebrados españoles. Museo Nacional de Ciencias Naturales, Madrid. España.Fotos

                      Image
                      escíncidospenínsula Ibéricaesgonzo comúnJacques von Bedriagaesgonzo comúndimorfismo sexualovovivíparaendémicaPenínsula IbéricaCordilleira CantábricaAsturiasPaís VascoGaliciaRías BaixasMurosCarnotaillas CíesOnsAtlánticoIllas CíesIlla de Onsilla do PesegueiroIlla de Sancti PetriMediterráneoMar MenorIlla de TabarcaGaliciaCantabriaBurgossolosdestrución do hábitatIUCN Abrir o menú principal Procurar Esgonzo ibérico Ler noutra lingua Vixiar esta páxina Editar function mfTempOpenSection(id)var block=document.getElementById("mf-section-"+id);block.className+=" open-block";block.previousSibling.className+=" open-block"; Esgonzo ibérico Estado de conservación Case ameazada Clasificaci...
                      Read more