25

With respect to domain-joined Windows 8/8.1 Pro machines, what features of Windows will not work unless a Microsoft Account is used?

Also, aside from "feature loss," are their any gotchas of not using a Microsoft Account in a domain-environment?

This is a Server 2008 R2-based Active Directory environment. No Office 365.

I say Reinstate Monica
  • 3,100
  • 7
  • 23
  • 51

3 Answers3

30

features of Windows will not work unless a Microsoft Account is used?

None. You only lose features of various software, and 99% of that is conveniences that nobody will miss. You lose the "Store" completely, and applications like "Weather" need to have the location configured (they can't just pull that data from your account).

Are their any gotchas of not using a Microsoft Account in a domain-environment?

Nothing specific to the domain or security.

We disable the the Store and Login with MS Accounts anyway, just so people don't wander into anything:

Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options\Accounts: Block Microsoft accounts 
Computer Configuration\Policies\Administrative Templates\Windows Components\Store\Turn off the Store application

If you disable the Store, but do not uninstall all of the apps, you will likely want to install the updates for those apps (I'm not aware of any recent security problems, but it's Microsoft software). Microsoft provides a full list of built-in App updates that can be imported into a WSUS sever (or you can extract the MSI installer from the cabinet file and deploy it however you like).

Chris S
  • 77,337
  • 11
  • 120
  • 212
  • 3
    While it may be debatable whether you *want* microsoft's online features, its undeniable that some are made unavailable so this answer is patently incorrect. It might be popular to have a dig at MS but why not answer the question and list what you actually lose? Particularly bad example to set by a mod. – JamesRyan Dec 11 '14 at 12:46
  • If the store is unavailable, does that mean that the pre-installed application like Weather can't receive updates (which may include security fixes)? – Andy Dec 11 '14 at 14:12
  • 3
    @Andy Thank you for reminding me! If the Store is disabled, and you leave any of the default Apps installed, MS provides updates for WSUS that you can import (manually). The current list can be found here: http://support.microsoft.com/kb/2971128 – Chris S Dec 11 '14 at 15:08
6

Nothing, the only real "functional" loss is that computers will no longer sync the application and user configurations across machines, and some software from the store will prompt for credentials when run.

Jim B
  • 23,938
  • 4
  • 35
  • 58
  • Are the credentials repeatedly requested by the apps, or can the user logon once and save the credentials? – I say Reinstate Monica Dec 12 '14 at 02:37
  • Depends on the app. With more corps deciding that they don't want the improvements of the apps or app store, more apps go around it which is another reason to avoid the "bury your head in the sand" security model and manage store access rather than simply disable it. – Jim B Dec 12 '14 at 06:32
  • 1
    Ok, this might merit another question, but what do you have in mind when you say **manage** Store access. GPOs? Something else? – I say Reinstate Monica Dec 12 '14 at 17:11
0

Onedrive cloud backup integration.

JamesRyan
  • 8,138
  • 2
  • 24
  • 36