Forum Discussion

ITCM-BS's avatar
ITCM-BS
Copper Contributor
Nov 16, 2023

"Organically grown IT" - local AD to Entra - best practice/latest advise?

Dear all,

 

We would appreciate your view on this topic:

 

0. Starting base

 

There seem to be a lot of different statements regarding regarding the switch from AD Join to Azure AD/Entra Join, e.g.

 

ranging from:
- PowerShell scripts (like Adam Nichols' or Sean Bulger's tools/scripts)
- MS Autopilot or bulk enrollment with Windows Configurationd Designer
- 3rd party tools like ForensiT Domain Migration
- potentially outdated information (e.g. 2018-2020)

 

to:
- just simply disconnecting from the AD and joining Entra
- repeated statements that most of the suggestions above are NOT supported by Microsoft - recommending Reset and Wipe, followed by joining Entra with a clean setup as the only reliable procedure.

 

1. Customer's current setup

 

- Local AD
- Azure AD/Entra Connect synchronized
- Mixture of pure office and office/home office users
- PCs joined to local AD (while very few maybe not - users login in with their Entra account only)
- PCs Azure AD/Entra Registered - but not joined
- Most users still using their local domain login on their machines
- Some users users having used both their Entra account and their local AD account to login to PCs
- Some (few) PCs used by different users
- Notebooks are BitLocker encrypted (with keys in local AD)
- Users basically working with MS365 Apps - e.g. no database servers/VMs/etc to migrate
- Users using specific local apps/programs on their PCs

 

2. Target

 

- All PCs Entra Joined
- Switching off local AD completely
- Preserving selected user profiles (the one mainly used by the user) / moving them to Entra (if possible - to avoid setting up from scratch)

 

3. Microsoft recommendation?

 

- Is there any official MS recommendation give the setting above?

 

4. Your recommendation/input

 

Eventually previously recommended procedures that can be found on the net have been replaced by new procedures, tools, recommendations:

 

- If there is anything you would recommend to do - or NOT to do (!) as of today - please share your experience, hints, tricks...
- Are there any specific hints given the "organically grown" IT infrastructure above? Reset and Wipe 🙂 ?

 

Your feedback is very much appreciated and hopefully helpful for others, too - many thanks!

  • ITCM-BS's avatar
    ITCM-BS
    Copper Contributor
    Any feedback, recommendations or just shared personal experience greatly appreciated 🙂

Resources