question

wayne-6602 avatar image
0 Votes"
wayne-6602 asked amanpreetsingh-msft commented

Azure AD Join Question

Hi Guys,

Would like some advise on the Azure stuff.

I know we can join the windows 10 platform by Azure AD registered, Azure AD join and Hybrid Azure AD join with AD connect from the on prem AD to Azure AD.

However what if i do local ad domain joined and joining Azure AD as well, without Hybrid AD method (only do password hash sync) by ad connect. Users still login with their local AD credential. What is the different in this case with the actual Hybrid Azure AD join.

Thanks.

azure-ad-domain-services
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered amanpreetsingh-msft commented

Hi @wayne-6602 · Thank you for reaching out.

When a device is Local AD domain joined, you do not get the option to join the device to Azure AD (highlighted below).

107450-image.png

Which means, when you connect to work or school account, you actually register the device to Azure AD. Registering a device facilitates SSO and can be managed by MDM solutions, such as Intune. However, this will not allow users to authenticate directly from Azure AD.

In case of Hybrid Azure AD join, you can directly authenticate from Azure AD and you can be managed by Conditional Access policies without requiring any MDM solution.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


image.png (67.5 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @wayne-6602 · Just checking if you have any further question.

0 Votes 0 ·