Back again! Now Part 2 of Windows Autopilot Hybrid Azure AD join. Let's recap what we did in Part 1:
- Checked that our Azure AD Mobility (MAM/MDM) settings are OK
- Increased the computer account join limit in your On-Premises AD (for the server that is running the Intune Connector for Active Directory)
- Created a (Dynamic) Device Group in Azure AD
- Converted existing devices to AutoPilot (if applicable)
- Created an AutoPilot Deployment Profile
- Turned on the Enrollment Status Page (optional)
- Created a Domain Join Device Configuration Profile
- Installed the Intune Connector for Active Directory on an On-Premises server
- Uploaded your CSV including all your registered (AutoPilot) devices and assigned them to the Deployment Profile
When all is set you can start to roll out your devices with AutoPilot including a Hybrid Join!
OK! Let's boot up our ‘test’ VM (which is registered as an AutoPilot Device)!
The ‘Enrollment Status Page’:
Done! OK, now let's check that everything is configured and set up as expected.
Open a PowerShell (or CMD) box, run dsregcmd /status and check the following lines:
Check screenshot for an example:
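The same check can be scripted. This is an added example, not part of the original post: it parses dsregcmd /status output and reports whether the device is both Azure AD joined and domain joined. It assumes a Hybrid Azure AD joined device reports YES for both AzureAdJoined and DomainJoined; the function name Test-HybridJoinState and the sample output are constructed for illustration.

```powershell
# Added example: verify Hybrid Azure AD join state from `dsregcmd /status` output.
# Test-HybridJoinState is a hypothetical helper name, not part of Windows or Intune.
function Test-HybridJoinState {
    param(
        # Raw lines of `dsregcmd /status`; defaults to running the tool locally.
        [string[]]$StatusText = (dsregcmd.exe /status)
    )

    # dsregcmd prints "Name : Value" pairs; collect them into a lookup table.
    # Section banners ("| Device State |", "+-----+") do not match and are skipped.
    $state = @{}
    foreach ($line in $StatusText) {
        if ($line -match '^\s*(?<name>[A-Za-z]+)\s*:\s*(?<value>.+?)\s*$') {
            $state[$Matches['name']] = $Matches['value']
        }
    }

    # Assumption: a Hybrid Azure AD joined device reports YES for both fields.
    # A missing field compares as $false, so incomplete output fails closed.
    $azureAd = $state['AzureAdJoined'] -eq 'YES'
    $domain  = $state['DomainJoined'] -eq 'YES'

    [pscustomobject]@{
        AzureAdJoined = $azureAd
        DomainJoined  = $domain
        DomainName    = $state['DomainName']
        TenantName    = $state['TenantName']
        HybridJoined  = $azureAd -and $domain
    }
}

# Constructed sample output (not captured from a real device).
$sample = @'
             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : YES
                DomainName : CONTOSO
                TenantName : Contoso
'@ -split "`r?`n"

Test-HybridJoinState -StatusText $sample   # offline check against the sample
# Test-HybridJoinState                     # run without arguments on the enrolled device
```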
Open the Azure Portal and navigate to the Azure Active Directory blade -> Devices
Check your device and check ‘Join Type’. Check screenshot for an example:
Open Active Directory on your On-Premises DC.
Check your newly created computer accounts:
Windows Autopilot Hybrid Join is a great way to benefit fully from the deployment options (and future released features) of modern deployments in Intune including On-Premises AD Join!
With this deployment type you’ll have an extra option/scenario to make the move to the cloud even easier.
Of course you could deploy your devices via WDS/MDT/SCCM and make the device Hybrid to Azure AD, but that leaves your On-Premises environment as the ‘Primary’ for device deployments.
With Windows Autopilot Hybrid Join you can turn this over to the Cloud and use it as your ‘Primary’ for device deployments.