Can Hybrid Azure AD joined Devices used for off-site?

Ascend Forward 1 Reputation point
2020-06-16T02:52:24.883+00:00

Hi,

We are currently facing issues that most workplaces are facing with working from home. We would like to know if we setup our devices using Hybrid AAD join will our devices update as if they are on-prem?

For example, if a user updates their password online and turn on their hybrid domain joined computer at home, will the computer sync the new password?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,455 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. VipulSparsh-MSFT 16,231 Reputation points Microsoft Employee
    2020-06-16T05:54:04.203+00:00

    @AscendForward-3747 Thanks for reaching out. This is indeed a common scenario now a days and all depends how are you approaching on this.

    1) Brand new laptop getting shipped to users location with Hybrid AAD Join AUTOPILOT configuration.

    If that is the scenario you are in, you will have to consider the White Glove Hybrid AAD Join off corporate network path. Which needs a corresponding VPN profile so that your end users can connect to Corporate network and complete the joining process.

    2) Users already have a Hybrid AAD join devices from office, in this scenario it will just work normally like the way you would expect it to. If you have a password writeback enabled, then any user who changes the password over internet eventually triggers a password reset at on-prem where the new password is updated. You might see a little bit of delay and then you can login using your new password. (Provided the client machine has proper connectivity to your corp network)

    Let me know if you have any questions.

    If the suggested response helped you resolve your issue, do click on "Mark as Answer" and "Up-Vote" for the answer that helped you for benefit of the community.