question

AthloneAdmin-6310 avatar image
0 Votes"
AthloneAdmin-6310 asked soysoliscarlos commented

Microsoft Azure AD on Server 2019 Standard

Good day, I hope you are well,

I am looking for someone that can direct me in the right direction to resources that can assist with my setup. I have a Windows 2019 Standard server acting as my domain controller.

What I am trying to achieve and trying to see if it is possible is to connect my Azure AD Free account to my Domain controller and allow users on the domain to log in with their Office 365 account without needing to load the account on the machine. We have 39 teachers that use 4 machines as a shared PC. I want to allow them to sit at any one of these machines and log in with their 365 accounts and have access to the computer. We have a similar issue with our computer lab where we have 40 machines that are shared between 450 students. They should be able to sit and enter their 365 details and then be able to work on the machine. Is this possible and can this feature be added without needing to make major changes to my domain controller?

Please keep in mind that I am a novice and learning, any assistance and information is greatly appreciated for I am excited to learn what I need to achieve my goal.

Thanks and kind regards

Krynauw Kruger

azure-ad-connect
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

soysoliscarlos avatar image
0 Votes"
soysoliscarlos answered soysoliscarlos commented

Hi @AthloneAdmin-6310

Thank you for asking this question on the Microsoft Q&A Platform.

I understand that you require that you automatically log in to your Microsoft 365 Account with your Windows credentials, right?

Well, I think you need Azure Active Directory Seamless Single Sign-On:

Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) automatically signs users in when they are on their corporate devices connected to your corporate network.

Source https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso

Hope this helps,
Carlos Solís Salazar

Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
NOTE: To answer you as quickly as possible, please mention me in your reply.

· 6
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AthloneAdmin-6310 avatar image AthloneAdmin-6310 ·

Good Day, I hope you are well,

No sorry, I think you misunderstood me, Azure Connect gives you the ability to log in to your Microsoft 365 Account with your Windows credentials. I am not looking for that, I am looking for it the other way around, to log in on any PC on my domain with 365 details. This way I don't have to manage 1000 learners and 50 teachers Windows Server AD accounts and MS 365 accounts. I want to let everyone just use the MS 365 accounts for logging into Windows through my domain controller.

Thanks
Krynauw

1 Vote 1 ·
soysoliscarlos avatar image soysoliscarlos ·

Hi @AthloneAdmin-6310

Thanks for the clarification,

Unfortunately, you cannot manage those devices from Azure AD.

The way that I see is:

  • have a DC server

  • Install Azure AD Connect

  • merge the local users with the MS35 users

In this way, you have the same user On-premises and cloud

Hope this helps,
Carlos Solís Salazar

Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
NOTE: To answer you as quickly as possible, please mention me in your reply.





1 Vote 1 ·
soysoliscarlos avatar image soysoliscarlos ·

@AthloneAdmin-6310, you can Accept Answer and Upvote, if the above response helped answer your query, others visiting the forum with the same query might get help.

NOTE: To answer you as quickly as possible, please mention me in your reply.

0 Votes 0 ·
AthloneAdmin-6310 avatar image AthloneAdmin-6310 ·

Thank you,

If I do merge them does that not mean that MS365 users will be able to login on any local AD connected machine due to the merger?

Thanks
Krynauw

0 Votes 0 ·
soysoliscarlos avatar image soysoliscarlos AthloneAdmin-6310 ·

@AthloneAdmin-6310

That's Correct!!

Technically speaking, the main user will be the user in the Windows AD, and this user will be synchronized in your Azure AD through Azure AD Connect.

With that configuration, you can achieve your goal of the Local user will be the same user of MS365.

Hope this helps,
Carlos Solís Salazar

Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.

NOTE: To answer you as quickly as possible, please mention me in your reply.

1 Vote 1 ·
soysoliscarlos avatar image soysoliscarlos soysoliscarlos ·

@AthloneAdmin-6310, you can Accept Answer and Upvote, if the above response helped answer your query, others visiting the forum with the same query might get help.

NOTE: To answer you as quickly as possible, please mention me in your reply.

0 Votes 0 ·