Forum Discussion

woelki's avatar
woelki
Iron Contributor
Feb 23, 2024

Improve user experience after client migration

Hi guys,

hopefully this is the best hub, but as it is hybrid related I think this should match.

I am currently migrating a customer where we are consolidating several AD domains into one. With Quest Migration Manager for AD we are moving accounts and clients. On the Quest side, everything works great so far, but we have some problems to make the whole migration process even cleaner for the user.

The user accounts are already pre-migrated and are not a problem. When the client is migrated, we just set an attribute on the user account so that the AAD Connect knows that it should now synchronize it from the new domain.

However, we have some problems with the client. The move to the new domain works cleanly and naturally, a lot of GPOs are fetched now from the new domain controllers. The biggest challenge, however, is the Workplace or the hybrid join. The device still has to be synced to the cloud, the user has of course just logged in and wants to work. However, the workplace join is not yet complete at this point and the user receives a lot of MFA pop-ups from the Federated MFA provider Authpoint.

It has been shown that if some time passes by and the user restarts again, the
Workplace Join works and the user no longer receives multiple MFA Auth requests.

Have you had similar experiences with on-premise client migrations with M365 connection?
Would it be best to prevent the Workplace Join in the new domain for the time being?


Best regards,
woelki

No RepliesBe the first to reply

Resources