Configure Hybrid Azure AD Join (To get ready for Cloud Only!)

Подписаться 15 тыс.

Просмотров 11 тыс.

50% 1

Hybrid Azure AD join has only one use - to help you move to Azure AD join.
If you already have Hybrid Azure AD join configured and working via Azure AD Connect, you don’t need to watch this video.
If you don’t already have Hybrid Azure AD join (also referred to as Device Registration) configured, then this video might help you out.

Наука

Опубликовано:

9 ноя 2022

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 20

@tharagz08 Год назад

Clean, concise video. I look forward to hearing about the ways you'd then convert this device into a cloud-only state

@theCMC Год назад

A video covering a possible option is being released today 😀

@user-ey6ny4wo4v 11 месяцев назад

Excellent, as always.

@joshvincent4059 Год назад

Would you need the computer OU synced before enabling the SCP?

@vinu85 Год назад

When I first install and then launch Azure AD Connect on server it doesn't show up the "tasks" page to configure Azure Hybrid join. It's totall absent and all other pages show up. What am I doing wrong.

@ozrahman126 10 месяцев назад

Does this method sync all devices in Active Directory?

@kozemachmad5153 6 месяцев назад

Hi Sir, nice tutorial, can we do ad connect installation when on prem domain is abc and azure domain is abcd? -- different domain.

@Hero332 Год назад

Does Microsoft provide public facing documentation? And we would love to get rid of on prem AD soon😅

@williamkass9057 2 месяца назад

If I have a user that isnt located within the Office(DOmain LAN) but has a company laptop that was joined to the on-prem domain when the laptop was setup in the past. If I migrate my infrastructure to Azure AD how am i able to get the aformentioned user endpoint to join the new AZURE AD domain with out making the user go to an office lan.

@theCMC 2 месяца назад

Let me understand this a bit more… Device = Domain Joined User = Hybrid / Synchronized to Azure AD In this case, for this device, just enable Device Registration in Entra ID connect (as shown in this video). This gives the device Cloud enabled features, and costs nothing. When you rebuild the device in future, or ship a new one, make it Cloud Native (also called Cloud Only, Azure AD Joined, Entra Joined) via Autopilot.

@OldFellaDave Год назад

What's the downside of allowing Hybrid join for On-Prem devices? Thinking about utilising Microsoft Endpoint Security rather than shelling out for Sophos Intercept X Advanced for another year, but this would mean going down the route of Hybrid Azure Join and Intune as well. What are the negative impacts for On-Prem PC's and Devices - not including licensing, I have plenty of those.

@theCMC Год назад

That is a great question, and actually I cannot think of a single downside. To that end, I asked BingGPT. They said: One downside of hybrid Azure AD join is that you need to enroll your devices in a network where a Domain Controller is present. Without this connection, devices become unusable. Another downside is that you need to reconfigure your current GPOs in to Intune configurations. Thankfully, both of these arguments are lies, so even BingGPT can't think of a downside.

@theCMC Год назад

There is the question of... is Defender for Endpoint P1 an equivalent of the Sophos product, which I can't help with directly. If you would like to discuss in more detail, reach out to me on LinkedIn (www.linkedin.com/in/deanellerby/) and I'd happily dive deeper :-)

@CGRealStudios Год назад

What about using the automatic GPO enrollment?

@theCMC Год назад

Yep, you can totally do that. And probably should! This video was specifically about getting the devices into Azure AD via AAD Connect.

@ranjithkumarduraisamy4728 Год назад

Thank you for the lot of key points. Is this way works for the AVD Pools, Multi session avds?

@theCMC Год назад

@@ranjithkumarduraisamy4728 Honestly, no idea! This is specifically around user identity SSO, so I'm not sure it's related.

@ranjithkumarduraisamy4728 Год назад

Np. Thank you for your timely response. :)

@srikanths651 Год назад

Awesome Video.... Thank you so much... don't mind.... shall I know how to create custom Coplaint policy .... saying that only these specific software installed client machines should show as Complaint and all other devices Should be in Non-Complaint.. please share if any links or videos are available on this. Now we have the situation to add the specific software Systems should be in Complaint....