Forum Discussion
AAD join Server 2025
- Feb 07, 2024
Hi, Brent here from the Windows Server team. Can I ask you to elaborate a bit more on how you would use Entra ID device join on Windows Servers? When is it most painful to be missing this capability? Servers in the cloud, Servers at the edge, in your datacenter? Would you use this with traditional AD or no? Would this be most convenient for configuring and deploying, or troubleshooting, or other tasks? You mention accessing corporate resources from the Server, would like to know more about this. Thanks!
Not sure if this reply will get through on a "solved" answer, but here's a great use case.
Imagine an engineering firm with 50 users needing a lot of local file storage (too expensive and slow to use in the cloud) but the computers are all Entra ID-joined and users log on with their Entra ID. Let's assume no local Active Directory is in place (hybrid with AD and joining computers to Entra ID is incredibly painful; some computers just work, others we have to jump through incredible hoops and registry entries to make it happen).
So setting up a Windows client computer won't work because it's limited to 20 concurrent file share sessions, and managing 50 user accounts on that computer and setting up that credential in Windows Credential Manager just to access file shares on the server is a ton of wasted overhead and management.
Well, why not set up Windows Server in workgroup mode and join it to Entra ID? Then make the file shares, add Entra groups and/or users, and everything would work beautifully?
I'm really missing why Microsoft does not provide this capability that they provide on Windows client.
Or at the VERY least, maybe we don't have to actually Entra-join the Windows Server, but add a feature such that user accounts and groups can be pulled from Entra and used on local resources?
Again, fully setting up, hardening, managing local Active Directory AND adding hybrid with AD Connect is a ton of really unnecessary overhead that results in extra IT time and problems.
This kind of functionality works on a Windows client (at least for adding Entra users to local shares), why can't it work on Windows Server?