Set up Azure Active Directory joined devices
With device management in Azure Active Directory (Azure AD), you can ensure that your users are accessing your resources from devices that meet your standards for security and compliance. For more information, see Introduction to device management in Azure Active Directory.
If you want to bring work-owned Windows 10 devices under the control of Azure AD, you can accomplish this by configuring Azure AD joined devices. This topic provides you with the related steps.
To join a Windows 10 device, the device registration service must be configured to enable you to register devices. In addition to having permission to joining devices in your Azure AD tenant, you must have fewer devices registered than the configured maximum. For more information, see configure device settings.
What you should know
Windows joins the device in the organization’s directory in Azure AD.
You might be required to go through multi-factor authentication challenge. This challenge is configurable by your IT administrator.
Azure AD checks whether the device requires mobile device management enrollment and enrolls it if applicable.
If you are a managed user, Windows takes you to the desktop through the automatic sign-in.
If you are a federated user, you have to sign-in using your credentials.
Joining a device
This section provides you with the steps to join your Windows 10 device to your Azure AD. If you have successfully joined your device to Azure AD, your Access work or school dialog indicates this with a Connected to <your Azure AD> entry.
To join your Windows 10 device:
In the Start menu, click Settings.
Click Access work or school.
On the Access work or school dialog, click Connect.
On the Setup a work or school account dialog, click Join this device to Azure Active Directory.
On the Let's get you signed in dialog, enter your account name (for example, firstname.lastname@example.org), and then click Next.
On the Enter password dialog, enter your password, and then click Sign in.
On the Make sure this is your organization dialog, click Join.
On the You're all set dialog, click Done.
To verify whether a device is joined to an Azure AD, you can review the Access work or school dialog on your device.
Alternatively, you can run the following command:
On a successfully joined device, AzureAdJoined is Yes.
You can also review device settings on the Azure AD portal.
For more information, see locate devices.
For more information, see: