Share via

Using Microsoft Entra for Authentication on Non-Domain Windows Servers

Andrew Halford (TEC) 0 Reputation points
2025-06-03T17:49:08.1833333+00:00

Is it possible to leverage Microsoft Entra for managing authentication across multiple Windows OS Servers located at customer facilities in the US, which are not part of the domain? The servers have internet connectivity only.

The goal is to utilize an Office 365 tenant for a single sign-on solution, allowing company employees to access these remote servers without needing to set up individual accounts on each server ahead of time. Additionally, the solution should ensure that access is revoked automatically when an employee is removed from the Office 365 tenant.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
25,011 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Kancharla Saiteja 5,080 Reputation points Microsoft External Staff Moderator
    2025-06-05T00:31:08.1766667+00:00

    Hi @Andrew Halford (TEC),

    Based on your query, I understand that you would like to use Entra authentication on non-domain windows servers.

    As per the description, we understood that you have no communication with the servers for the domain but would like to use with user Entra account. When there is no connectivity for the devices with Entra, you will not be able to use Entra authentication for SSO or any authentication types on the device. If you would like to use Entra authentication, you can at least make the server Entra joined. This will allow you to have Entra authentication and SSO on the server. This is absolutely on the cloud itself and not for your on-premises domain and when you remove the user account from the device or clear the user account there will be no access on the server. This is the best way of having Entra authentication on servers without adding them to your on-premises domain. Please go through the following document to find out the supported versions of devices and configuration of Entra join: Microsoft Entra joined devices. I believe this is the nearest solution for your ask, if you would like to use Entra authentication without any joining or connectivity with Entra, then we would like to confirm you that there is no other possibility to achieve your end goal.

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    If the answer is helpful, please click "Accept Answer" and kindly "upvote it". If you have extra questions about this answer, please click "Comment".

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.