Setup Windows Autopilot with Hybrid Azure AD join – Part 2


Hi,

 

Back again! This is Part 2 of Windows Autopilot Hybrid Azure AD join. Let's recap what we did in Part 1:

  • Checked that our Azure AD Mobility (MAM/MDM) settings are OK
  • Increased the computer account join limit in the On-Premises AD (for the server that runs the Intune Connector for Active Directory)
  • Created a (Dynamic) Device Group in Azure AD
  • Converted existing devices to Autopilot (if applicable)
  • Created an Autopilot Deployment Profile
  • Turned on the Enrollment Status Page (optional)
  • Created a Domain Join Device Configuration Profile
  • Installed the Intune Connector for Active Directory on an On-Premises server
  • Uploaded the CSV with all registered (Autopilot) devices and assigned them to the Deployment Profile

When all of that is in place, you can start rolling out your devices with Autopilot, including a Hybrid Join!

OK, let's boot up our ‘test’ VM (which is registered as an Autopilot device)!

The ‘Enrollment Status Page’:

Done! Now let's check whether everything is configured as expected.

Open a PowerShell (or CMD) window, run dsregcmd /status and check the following lines:

  • AzureADJoined
  • DomainJoined
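The same check can be scripted instead of read by eye. The following PowerShell is an added example, not part of the original post: the function names are hypothetical and the sample output is constructed. It parses dsregcmd /status output and reports whether both fields read YES, which is the state a Hybrid Azure AD joined device shows.

```powershell
# Added example: parse `dsregcmd /status` output and test for a Hybrid Join.
# Function names are hypothetical; the sample text below is constructed.

function ConvertFrom-DsregStatus {
    param([Parameter(Mandatory)][AllowEmptyString()][string[]]$Lines)
    $state = @{}   # PowerShell hashtables are case-insensitive on string keys
    foreach ($line in $Lines) {
        # Data lines look like "   AzureAdJoined : YES".
        # Section headers ("| Device State |") and rulers ("+----+") do not match.
        if ($line -match '^\s*(?<key>[A-Za-z][\w ]*?)\s*:\s*(?<value>.*\S)\s*$') {
            $state[$Matches['key']] = $Matches['value']
        }
    }
    return $state
}

function Test-HybridAzureAdJoin {
    param([Parameter(Mandatory)][hashtable]$State)
    $result = [ordered]@{}
    foreach ($field in 'AzureAdJoined', 'DomainJoined') {
        # A missing field compares as $false, so a partial join is never reported as OK.
        $result[$field] = ($State[$field] -eq 'YES')
    }
    $result['HybridJoined'] = $result['AzureAdJoined'] -and $result['DomainJoined']
    [pscustomobject]$result
}

# Constructed sample of the "Device State" section, so the script also runs
# on a machine that is not enrolled.
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+

             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : YES
                DomainName : CONTOSO
'@ -split "`r?`n"

# On an enrolled device, pass the live output instead: -Lines (dsregcmd /status)
Test-HybridAzureAdJoin -State (ConvertFrom-DsregStatus -Lines $sample)
```

If AzureAdJoined is YES but DomainJoined is NO, the device is Azure AD joined only, which means the Domain Join profile or the Intune Connector did not do its part.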

Check screenshot for an example:

Open the Azure Portal and navigate to Azure Active Directory blade -> Devices

Check your device and check ‘Join Type’. Check screenshot for an example:


Open Active Directory on your On-Premises DC.

Check your newly created computer accounts:


Conclusion

Windows Autopilot Hybrid Join is a great way to benefit fully from the deployment options (and future features) of modern deployments in Intune, including On-Premises AD join!
With this deployment type you have an extra option/scenario that makes the move to the cloud even easier.

Of course you could deploy your devices via WDS/MDT/SCCM and then make the device Hybrid Azure AD joined, but that leaves your On-Premises environment as the ‘primary’ for device deployments.
With Windows Autopilot Hybrid Join you can hand this over to the cloud and use that as your ‘primary’ for device deployments.

Regards,

Pieterbas