none
MS Acct on local domain

    Question

  • So... I am pretty sure the answer is 'No' but I am going to ask anyways because I am sure that most of you are much smarter than I am;

    Is there a nice way to add a set of MS accounts (as used to log into a win10 machine) to a local domain directly?

    The reason I am asking:
    Over the weekend I lost most of my server (2 HDDs, 1 RAM channel, and several PCIe ports) to a lightning strike.  Thankfully I was running RAID6, so no data was lost, and the server is limping along well enough that I can do a data-dump to a new unit.  But as I am building a new server, my boss would like me to use Server2016 to learn it on my home network before we start deploying it in the school district.

    On my old server I was never able to get FreeNAS to play nice with MS Accounts for drive permissions, so all shares were essentially 'open' to all users... which isn't a huge problem as it is just family use, so privacy isn't exactly 'a thing' lol.  But, it would be nice to have some folders be read-only for my kids accounts so they don't 'accidentally' delete the music collection from the server, or decide one day to erase all of their embarrassing baby photos and movies.

    As we currently all log in with MS accounts, is there a nice way to just add those accounts to the domain directly?  Or do I essentially need to make all-new user accounts on the domain, and then associate those domain accounts with their appropriate MS account?

    If I have to make separate domain accounts, is there a way in AD to automatically link their domain acct to their MS acct rather than having to manually do it every time they log into a new PC?

    Thanks!
    CaedenV

    Tuesday, December 20, 2016 3:10 PM

All replies

  • Hi CaedenV,

    Is there a nice way to add a set of MS accounts (as used to log into a win10 machine) to a local domain directly?

    >>>As far as I know, there is no built0in way to achieve this.

    which isn't a huge problem as it is just family use, so privacy isn't exactly 'a thing' lol.  But, it would be nice to have some folders be read-only for my kids accounts so they don't 'accidentally' delete the music collection from the server

    >>>You could configure NTFS and shared permission for those folders to avoid accidentally deleting.

    Here is an article below about how to configure share and NTFS permission for your reference.

    12 Steps to NTFS Shared Folders in Windows Server 2012

    https://blogs.technet.microsoft.com/keithmayer/2012/10/21/12-steps-to-ntfs-shared-folders-in-windows-server-2012/

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 22, 2016 1:23 AM
    Moderator