none
How to skip domain joining during client deployment in a Windows Server 2012 Essentials network

    General discussion

  • This post describes a tempory solution that allows client computers to connect to Windows Server 2012 Essentials without joining the Windows Server 2012 Essentials domain. Please read the following Notes carefully before you take any actions.

    Description

    When deploying Pro/Enterprise/Ultimate Windows client computers in a Windows Server 2012 Essentials network, joining the Windows Server 2012 Essentials domain is mandatory. If the client computer is already joined to another domain, you are required to manually leave the existing domain; otherwise, the client deployment process will be blocked.

    Currently we have received requests from customers asking for the option to skip domain joining in a client deployment. As a result, in this article we provide a solution so that the client can connect to the server and utilize the majority of client features without joining the domain.

    Before you take any action, please read the following note. 

    Note:  

    If you skip joining the domain, the following areas will be impacted:

      • All features that require that you be joined to the domain will not be available, including domain credentials, Group Policy, and VPN.
      • Any third-party add-ons and applications that require that you join the domain will not be working properly.
      • Skipping domain joining in an off-premises client deployment is not supported.
      • This solution is only supported on the following Windows client versions:  
        • Windows 7 Professional
        • Windows 7 Enterprise
        • Windows 7 Ultimate  
        • Windows 8 Pro
        • Windows 8 Enterprise

    To skip joining the domain during a client deployment

    1. On your client computer, go to Start and search for command prompt "cmd".
    2. In the search results, find cmd.exe and run as administrator.
    3. Type the following command prompt:
      reg add "HKLM\SOFTWARE\Microsoft\Windows Server\ClientDeployment" /v SkipDomainJoin /t REG_DWORD /d 1
    4. Complete the steps on the Connect Computers to the Server Help topic.  

    Thursday, September 06, 2012 2:55 AM
    Owner

All replies

  • Thank you for listening on this one - removes what would have been a real blocker for people upgrading from WHS, although the price of the SKU may still be an issue.

    Andrew L Macaulay, MVP

    Thursday, September 06, 2012 6:17 AM
  • Same here, thanks for the workaround.
    Thursday, September 06, 2012 7:54 AM
  • I'll also thank MS for listening.

    A conversation occurring elsewhere has though inspired me to make some comments about how 'corporate admins' (CA's)may view this change. CA may not wish this change to be allowed. and that's fair and dandy because such restrictive CA is also running the user in 'least privelege mode' and the user will not be able to make the reg change.

    Should a user be running 'least privilege' they will need to approach the CA, explain their desire, and the CA will dis/approve the request.

    We will also hit this circumstance in SMB space, with users who attach to both the work WS12E and one they are using at home. I need to suggest that I encourage SMB admins to _also_ run their users in 'least privilege mode' so that should such occur you are, at least, aware of the activity.

    Thursday, September 06, 2012 9:40 PM
  • I was thinking of replacing Windows Home Server 2011 with Windows Server 2012 Essentials.  I see above that this process only supports the following Windows Client Versions:

    • Windows 7 Professional
    • Windows 7 Enterprise
    • Windows 7 Ultimate
    • Windows 8 Pro
    • Windows 8 Enterprise

    What can I do about Windows 7 Starter and Windows 7 Home Premium clients?

    Thank you.

    Joel Markus

    Friday, September 07, 2012 6:59 PM
  • I was thinking of replacing Windows Home Server 2011 with Windows Server 2012 Essentials.  I see above that this process only supports the following Windows Client Versions:

    • Windows 7 Professional
    • Windows 7 Enterprise
    • Windows 7 Ultimate
    • Windows 8 Pro
    • Windows 8 Enterprise

    What can I do about Windows 7 Starter and Windows 7 Home Premium clients?

    Thank you.

    Joel Markus

    As those versions of Windows 7 do not have the ability to join a Domain, you have to do nothing other than installing the Connector.


    Phil P.S. If you find my comment helpful or if it answers your question, please mark it as such.

    Friday, September 07, 2012 7:44 PM
  • Thank you!
    Friday, September 07, 2012 8:16 PM
  • Thanks for listening Microsoft! Omitting the domain-join requirement will make WSE a real option for WHS users, pricing aside. One question: is there any impact on user account management? Can workgroup user accounts on the clients align with domain user accounts on the server and obtain correct permissions for shares?
    Sunday, September 09, 2012 2:43 PM
  • Thanks for listening Microsoft! Omitting the domain-join requirement will make WSE a real option for WHS users, pricing aside.

    That was never really an issue to begin with.  You can just remove it from the domain once the Connector software is installed.  The only real benefit of this change is for clients that are already joined to another domain (and, as a result, could not join this one).  Frankly, I still think price is going to be the biggest hurdle for WHS users.
    One question: is there any impact on user account management? Can workgroup user accounts on the clients align with domain user accounts on the server and obtain correct permissions for shares?
    The permissions still work as if they are part of the domain (and automatically if the username and password on the server matches the username and password on the client).
    Sunday, September 09, 2012 4:28 PM
    Moderator
  • Confirmed in the video walk-thru of the install, then moving back to workgroup, seen over here, seems to work fine in newer Release Candidate too:
    http://tinkertry.com/windows-server-2012-essentials-fine-with-pcs-in-domain-or-workgroup/

    Monday, September 10, 2012 5:35 AM
  • This post describes a tempory solution that allows client computers to connect to Windows Server 2012 Essentials without joining the Windows Server 2012 Essentials domain. Please read the following Notes carefully before you take any actions.

    Description

    When deploying Pro/Enterprise/Ultimate Windows client computers in a Windows Server 2012 Essentials network, joining the Windows Server 2012 Essentials domain is mandatory. If the client computer is already joined to another domain, you are required to manually leave the existing domain; otherwise, the client deployment process will be blocked.

    Currently we have received requests from customers asking for the option to skip domain joining in a client deployment. As a result, in this article we provide a solution so that the client can connect to the server and utilize the majority of client features without joining the domain.

    Before you take any action, please read the following note. 

    Note:  

    If you skip joining the domain, the following areas will be impacted:

        • All features that require that you be joined to the domain will not be available, including domain credentials, Group Policy, and VPN.
        • Any third-party add-ons and applications that require that you join the domain will not be working properly.
        • Skipping domain joining in an off-premises client deployment is not supported.
        • This solution is only supported on the following Windows client versions:  
          • Windows 7 Professional
          • Windows 7 Enterprise
          • Windows 7 Ultimate  
          • Windows 8 Pro
          • Windows 8 Enterprise

    To skip joining the domain during a client deployment

    1. On your client computer, go to Start and search for command prompt "cmd".
    2. In the search results, find cmd.exe and run as administrator.
    3. Type the following command prompt:
      reg add "HKLM\SOFTWARE\Microsoft\Windows Server\ClientDeployment" /v SkipDomainJoin /t REG_DWORD /d 1
    4. Complete the steps on the Connect Computers to the Server Help topic.  

    What about Mac? Wait.. they can't join the domain anyway?
    Friday, September 14, 2012 10:34 PM
  • Thanks for listening Microsoft! Omitting the domain-join requirement will make WSE a real option for WHS users, pricing aside.

    That was never really an issue to begin with.  You can just remove it from the domain once the Connector software is installed.  The only real benefit of this change is for clients that are already joined to another domain (and, as a result, could not join this one).  Frankly, I still think price is going to be the biggest hurdle for WHS users.
    One question: is there any impact on user account management? Can workgroup user accounts on the clients align with domain user accounts on the server and obtain correct permissions for shares?

    The permissions still work as if they are part of the domain (and automatically if the username and password on the server matches the username and password on the client).
    I use windows live ids on my win8 machines, as strongly encouraged by MS, how can I set these up as users on the domain?
    Monday, September 24, 2012 5:56 PM
  • You sign onto Win8 using the domain account and link it back to the live account.
    Tuesday, September 25, 2012 1:56 AM
  • You sign onto Win8 using the domain account and link it back to the live account.

    This gives me access to the windows live services but still prompts to use windows easy transfer to migrate files and applications from my "old local account". It also requires all non standard start page apps to be re-installed.

    I do not want to end up with two duplicated sets of user data.

    I also have noticed that the start up page does not truly roam from machine to machine in that all installed apps do not roam from machine to machine, nor does any grouping and positioning of the apps on the page.

    Tuesday, September 25, 2012 1:48 PM
  • I am curious why microsoft doesn't make a change to Server 2012 Essentials to allow the customers to disable Domain Controller functionality all together. Maybe make it a role based feature. That way, if customers want domain controller, they can add a role.

    Software is not final yet, so there must be time...

    I think lot of customers like this.


    BJ

    Tuesday, September 25, 2012 4:10 PM
  • Doing increases the possible configurations of the server, making it more difficult to support the server itself.

    Now having the choice to participate in that domain or not owners may ignore the fact that te server is a DC.

    Tuesday, September 25, 2012 10:07 PM
  • If they make it role based and default has the Domain Server role enabled, it will not make it any more difficult to support. Users who want DC will not even notice the difference. But if they make it role basd, users can disable the role and get rid of DC funtionality that is not needed in several places...


    BJ

    Tuesday, September 25, 2012 10:19 PM
  • Hmmm.

    I've installed WSE2912 (extended lifetime of a box running WHS1) expecting to be able to gain access to a robust file server and get bit-for-bit backup/restore for Windows clients. Then I wonder why I can't install the Connector on my Win7/64 Professional client and read this about being part of a Windows domain :(

    Use case is a corp PC (tied to a domain) whic I would like to connect easily to my WSE2012 box. I tried the registry workaround above but Connector installer still can't find my WSE2012 server.

    Is there a way to reverse the registry workaround above - remove the key ???

    Server looks very nice, but I didn't expect to have to jump through hoops to connect clients !

    Thanks for any help

    Gary

    Saturday, November 03, 2012 4:08 PM
  • Hi!

    I tried that with 2 computers running Windows 8.  It works but I have an issue.  At each reboot, I need to enter the password each time for the connector to connect.  Even if my credentials are saved.

    Any idea?

    Best regards.

    Tommy

    Wednesday, November 07, 2012 4:43 PM
  • This seems to be "by design"... and is another side effect (I believe) of the machine not being domain joined. Please Microsoft, provide the option to be able to save the password in both the connector and, ideally, the dashboard (although I can understand the reason for not doing so on the dashboard) as was the case in WHS2011. This must be a relatively simple thing to do, given the code for this was there in the 2011 connector.
    Sunday, December 23, 2012 10:57 PM
  • Microsoft: for what it's worth, this seemingly minor annoyance is the main reason I am still running WHS 2011 and have not moved to WSE 2012.  It makes the use of non-domain joined Windows 8 clients almost completely unworkable (at least if you need to run Launchpad for any reason). Please bring back the option to save the login password in the Launchpad (a most welcome feature from WHS 2011).

    Monday, December 24, 2012 9:35 PM
  • This post describes a tempory solution that allows client computers to connect to Windows Server 2012 Essentials without joining the Windows Server 2012 Essentials domain. Please read the following Notes carefully before you take any actions.

    Description

    When deploying Pro/Enterprise/Ultimate Windows client computers in a Windows Server 2012 Essentials network, joining the Windows Server 2012 Essentials domain is mandatory. If the client computer is already joined to another domain, you are required to manually leave the existing domain; otherwise, the client deployment process will be blocked.

    Currently we have received requests from customers asking for the option to skip domain joining in a client deployment. As a result, in this article we provide a solution so that the client can connect to the server and utilize the majority of client features without joining the domain.

    Before you take any action, please read the following note. 

    Note:  

    If you skip joining the domain, the following areas will be impacted:

      • All features that require that you be joined to the domain will not be available, including domain credentials, Group Policy, and VPN.
      • Any third-party add-ons and applications that require that you join the domain will not be working properly.
      • Skipping domain joining in an off-premises client deployment is not supported.
      • This solution is only supported on the following Windows client versions:  
        • Windows 7 Professional
        • Windows 7 Enterprise
        • Windows 7 Ultimate  
        • Windows 8 Pro
        • Windows 8 Enterprise

    To skip joining the domain during a client deployment

    1. On your client computer, go to Start and search for command prompt "cmd".
    2. In the search results, find cmd.exe and run as administrator.
    3. Type the following command prompt:
      reg add "HKLM\SOFTWARE\Microsoft\Windows Server\ClientDeployment" /v SkipDomainJoin /t REG_DWORD /d 1
    4. Complete the steps on the Connect Computers to the Server Help topic.  

    I was an ex WHS Version 1 user.  I have installed Windows Server 2012 Essentials with 3 Clients.  A netbook running Windows 7 Starter: a laptop with Win7 home premium and a new desktop initially running Win 8 Pro.  I had a lot of trouble with the speed of file transfers from the net and to the WSE on this desktop.  So have installed Win7 Ultimate as a dual boot.  I used the above fix so as to not join the Domain.  I installed the Connector and all WSE facilities work fine except the Client back for the Desktop repeatedly fails. 

    Message is "An unknown error prevented backup from completing successfully."

    Is this because I am not connected to the domain?

    Thursday, March 07, 2013 4:10 AM
  • PLease explain how to do this exactely.  I run this command

    reg add "HKLM\SOFTWARE\Microsoft\Windows Server\ClientDeployment" /v SkipDomainJoin /t REG_DWORD /d 1

    then connect to WS2012E and install the connector software.    I created an administrator account on the server ans used that id to install the connector software.  At the client restart the client is now part of the WS2012E domain and dashboard works.  In order to get my local user desktop back I then left the WS2012E domain, from computer properties, rejoined my workgroup and restarted.  After log in launch pad and dash board do not connect, using the administrator account.  Reports that the server is off line.

    For me this server is unusable.

    Tuesday, March 12, 2013 7:52 AM
  • This worked fine but now I'd like to experiment with adding PCs to the domain so now I need to "undo" this registry change for those PCs.  I Know I need to wipe out the backups I've done so far and remove the computer from the server backup as well as uninstall the connector software - but not sure how to undo the registry change.

    Thanks!

    Wednesday, May 08, 2013 10:17 AM
  • Make a backup of the registry before attempting any changes to it! Removing the registry change is as simple as opening registry editor, drilling down to the registry key, highlighting it and right click to bring up the context menu. Choose delete to remove the key. I use regedit to edit the registry.
    Thursday, May 16, 2013 6:21 AM
  • You can either remove the key using regedit (as mentioned by Michael) or you can use the reg delete command:

    Reg delete <KeyName> [{/v ValueName | /ve | /va}] [/f]

    In this case:

    reg delete "HKLM\SOFTWARE\Microsoft\Windows Server\ClientDeployment" /v SkipDomainJoin

    Thursday, May 23, 2013 12:05 PM
  • Confirmed in the video walk-thru of the install, then moving back to workgroup, seen over here, seems to work fine in newer Release Candidate too:
    http://tinkertry.com/windows-server-2012-essentials-fine-with-pcs-in-domain-or-workgroup/

    Looking back now, for my 12 PCs backed up daily (many of which are offsite), I've found it easiest to install the connector without ever joining the domain, which also makes the installation much faster as well.  I wrote up the details here:
    http://TinkerTry.com/ws2012e-connector

    http://TinkerTry.com/ws2012e-dns-fix

    Minor issue is that you'll need to "fix" dns after every rollup apparently. Doesn't take long though, with no other side effects that I've noticed (backups working, shares working).  Even the very new UR2 (Update Rollup 2) is working fine, with my normal nightly backups completing last night.

    http://TinkerTry.com/update-rollup-2-windows-server-2012-essentials






    Sunday, June 16, 2013 4:27 PM
  • How connect an existing computers in dashboard without execute connector? My server is Server 2012 r2 with Essentials role installed.

    Thank you

    Monday, July 14, 2014 7:28 PM
  • not sure what im missing.  i just went through the migration from a 2003 sbs to 2012 Essentials. Same domain.local. i received no errors.  The "old" dc is still in place until i demote and remove. The new 2012 essentials server now holds all FSMO roles.  Will the domain computers fail connectivity to the new DC?  everything is working like a million bucks right now.
    Thursday, August 14, 2014 4:26 PM
  • I have this working as follows:

    1) Tested from Win8.1Pro, without removing the computer from the domain, I forced the free windows 10 update via Download tool found on Microsoft.com: https://www.microsoft.com/en-us/software-download/windows10 

    ** Notes: DO NOT CHANGE THE COMPUTER NAME OR DESCRIPTION DURING THIS PROCESS! The tray download option is not available to domain joined computers, so this step is needed to push the update without the tray app, while still being domain joined. The computer will upgrade while still in the domain and all user account information/applications/settings will all transfer without being lost (or a new local account being created) as would normally happen with a local administrative account via the tray app installation as intended. Access to the server shares will also still be available without the connector installed or working after the upgrade has completed as the local computer will continue to use the credentials in its store to access these resources.

    2) Once loaded into Windows 10, install KB KB2790621 to patch the connector: http://www.microsoft.com/en-us/download/details.aspx?id=40285

    3)  Before you run the connector setup (because you are already domain joined still) run the steps to skip domain join during client deployment. (Quoted instructions below.)

    To skip joining the domain during a client deployment

    1. On your client computer, go to Start and search for command prompt "cmd".
    2. In the search results, find cmd.exe and run as administrator.
    3. Type the following command prompt: 
      reg add "HKLM\SOFTWARE\Microsoft\Windows Server\ClientDeployment" /v SkipDomainJoin /t REG_DWORD /d 1

    4) Now run Start> All Apps> Windows Server Essentials> Connector Configuration Utility using your still current domain credentials.

    - If you run the dashboard at the end of the setup, you will see under devices that your computer is now online and connected to the server correctly and all services are functioning correctly.

    **On a side note, I had to connect to the server not by auto discovery, but instead by using the local IP address option or else the setup would hang after entering the credentials. This happened on more than one machine using the same process. This may have been caused by the DNS settings on the adapters being set back to Automatically Assign (pointing to the gateway and not to the server) after the OS update. Pointing the primary DNS entry back to the server before running the the connector config should also resolve this error/problem. **

    ~Enjoy





    • Edited by Wesmantx Thursday, August 27, 2015 7:11 PM DNS Bits added.
    Thursday, August 27, 2015 4:15 PM
  • Or download the free ISO and install Windows 10 that away. You don't need to not join pcs to the domain in order to get the Windows 10 upgrade.
    Tuesday, September 01, 2015 3:30 AM
  • Still valid for Windows 10 client and Windows Server 2016?
    Friday, March 18, 2016 12:34 PM
  • Does this work for SBS 2011 Essentials, too
    Tuesday, August 16, 2016 9:51 PM
  • Like Saarlaender asks below will the skip joining the domain reg code still work for those of us not wanting to join a domain.
    Thursday, October 27, 2016 9:08 PM
  • yes the regedit still works

    Grey

    Friday, October 28, 2016 10:08 AM
    Moderator
  • What do you mean adapter settings?  The regedit is to skip joining the domain, not setting DNS

    Grey

    Wednesday, February 01, 2017 9:05 PM
    Moderator