SOLVED

Workplace Join a 2012 Server to O365 tenant

%3CLINGO-SUB%20id%3D%22lingo-sub-312573%22%20slang%3D%22en-US%22%3EWorkplace%20Join%20a%202012%20Server%20to%20O365%20tenant%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-312573%22%20slang%3D%22en-US%22%3E%3CP%3EHave%20been%20struggling%20with%20SQL%202014%20on%20a%20non-domain%20Windows%202012%20Standard%20server.%20I%20cannot%20get%20NTLM%20Fallback%20(non%20Kerberos)%20authentication%20to%20work.%26nbsp%3B%20Error%20log%20of%20SQL%20indicates%20I%20am%20trying%20to%20use%20SQL%20auth%20when%20I%20am%20giving%20local%20server%20Windows%20creds.%26nbsp%3B%20As%20a%20test%20I%20want%20to%20join%20the%20server%20to%20our%20O365%20tenant%20and%20use%20the%20Accounts%20in%20the%20tenant%20to%20authenticate%20with.%26nbsp%3B%20I%20have%20already%20tried%20using%20same%20account%20name%20and%20password%20on%20client%20and%20server%20with%20limited%20success.%26nbsp%3B%20The%20test%20would%20allow%20using%20Integrated%20WA%20if%20I%20can%20get%20Server%20joined%20to%20Azure%20AD%20(O365).%3C%2FP%3E%3CP%3EI%20have%20installed%20the%20AutoWorkplace%20join%20program%20and%20signed%20into%20the%20Office%20portal%20with%20my%20Global%20Admin%20creds%20but%20I%20cannot%20figure%20out%20how%20to%20actually%20get%20the%20server%20to%20join%20the%20Azure%20AD.%3C%2FP%3E%3CP%3EI%20have%20also%20tried%20using%20the%20Change%20Computer%20app%20in%20properties%20but%20it%20complains%20with%20ldap%20DNS%20record%20not%20found.%26nbsp%3B%20NSLOOKUP%20seems%20to%20find%20the%20records%20required%20for%20Windows%2010%20and%20BYOD%20services.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20clues%20as%20to%20how%20to%20get%20a%202012%20stand-alone%20server%20joined%20to%20a%20O365%20tenant%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-312573%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-313206%22%20slang%3D%22en-US%22%3ERe%3A%20Workplace%20Join%20a%202012%20Server%20to%20O365%20tenant%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-313206%22%20slang%3D%22en-US%22%3E%3CP%3EBummer!%20Thanks%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F869%22%20target%3D%22_blank%22%3E%40Chris%20Webb%3C%2FA%3E.%20Not%20going%20to%20set%20up%20another%20server%20to%20do%20ADFS%20and%20then%20sync%20to%20Azure%20AD%20for%20a%20one-off%20client%20server%20app%20in%20the%20office%20when%20we%20are%20supposed%20to%20be%20ALL%20CLOUD.%3C%2FP%3E%3CP%3EI%20worked%20around%20by%20using%20VPN%20to%20office%20and%20making%20local%20accounts%20on%20the%20server%20for%20the%20users%20and%20client%20app.%20Sucks%20for%20the%20users%20as%20they%20now%20have%26nbsp%3B2%20more%20credentials%20that%20I%20have%20to%20manage.%20Luckily%20there%20is%20only%205%20or%20so.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-312612%22%20slang%3D%22en-US%22%3ERe%3A%20Workplace%20Join%20a%202012%20Server%20to%20O365%20tenant%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-312612%22%20slang%3D%22en-US%22%3EWindows%20Server%202012%20does%20not%20provide%20azure%20AD%20join.%20The%20only%20option%20is%20ADDS%20and%20your%20adding%20a%20lot%20of%20complications%20there%20with%20network%20security%20and%20would%20need%20to%20do%20a%20VPN%20of%20some%20kind%20if%20you%20wanted%20to%20get%20that%20working.%20I%20think%202019%20will%20support%20azuread%20join%20or%20does%20not%20sure%20but%20def.%20not%202012.%3C%2FLINGO-BODY%3E
Highlighted
Frequent Contributor

Have been struggling with SQL 2014 on a non-domain Windows 2012 Standard server. I cannot get NTLM Fallback (non Kerberos) authentication to work.  Error log of SQL indicates I am trying to use SQL auth when I am giving local server Windows creds.  As a test I want to join the server to our O365 tenant and use the Accounts in the tenant to authenticate with.  I have already tried using same account name and password on client and server with limited success.  The test would allow using Integrated WA if I can get Server joined to Azure AD (O365).

I have installed the AutoWorkplace join program and signed into the Office portal with my Global Admin creds but I cannot figure out how to actually get the server to join the Azure AD.

I have also tried using the Change Computer app in properties but it complains with ldap DNS record not found.  NSLOOKUP seems to find the records required for Windows 10 and BYOD services.

 

Any clues as to how to get a 2012 stand-alone server joined to a O365 tenant?

2 Replies
Highlighted
Solution
Windows Server 2012 does not provide azure AD join. The only option is ADDS and your adding a lot of complications there with network security and would need to do a VPN of some kind if you wanted to get that working. I think 2019 will support azuread join or does not sure but def. not 2012.
Highlighted

Bummer! Thanks @Chris Webb. Not going to set up another server to do ADFS and then sync to Azure AD for a one-off client server app in the office when we are supposed to be ALL CLOUD.

I worked around by using VPN to office and making local accounts on the server for the users and client app. Sucks for the users as they now have 2 more credentials that I have to manage. Luckily there is only 5 or so.