Is it Possible to get SSO working on a DomainJoined Server? (ADS)
A Local Terminal Server (MS Server 2016) is connected via VirtualVPN to the Azure-Active-Directory-Service. An Office Subscription is Active as well as a Azure P1 License.
On the Server there is an Office 365 MSO (16.0.11425.20242) installed.
The result for dsregcm /status is:
+---------------------------------------------------------------+ | Device State | +---------------------------------------------------------------+
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : YES
DomainName : DOMAINES-KILGER
+----------------------------------------------------------------------+ | User State | +----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : NO
AzureAdPrt : NO
+----------------------------------------------------------------------+ | Ngc Prerequisite Check | +----------------------------------------------------------------------+
IsUserAzureAD : NO
PolicyEnabled : NO
DeviceEligible : YES
SessionIsNotRemote : NO X509CertRequired : NO PreReqResult : WillNotProvision
Inter Internet SecuritySettings that are needed by Microsoft are set:
-IntranetZones: aadg.window.net.nsatc.net -IntranetZones: autologon.microsoftazuread-sso.com -Allow updates to status bar via script
At this point the SSO does not work at all. Not in the iexplore or in the login to a Office-Product when it is startet to check for a License