DanWheeler
Apr 05, 2022, Brass Contributor
Automating Migration from AD to AAD (Non-Hybrid)
I promise I've Googled as hard as I can and can't find the answers to what seem like some pretty simple questions... I've got a bunch of digital signage and point-of-sale devices that I want to m...
365vCloud
Apr 06, 2022, Brass Contributor
Yes, you can configure hybrid Azure AD join through Azure AD Connect.
https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-hybrid-azure-ad-join
- DanWheeler, Apr 07, 2022, Brass Contributor
365vCloud as mentioned, I want to avoid hybrid. I don't want to connect anything that I'll have to disconnect and tear down later when on-prem gets taken out back.
FWIW - I do have a working model for automated AD disjoin and AAD re-join. Basically, I'm doing an Invoke-Command and a script block to send a few commands to the device which builds a scheduled task to join AAD on next reboot via a bulk deploy provisioning package, then a Remove-Computer command with domain creds to remove the device. I'd do all this with SCCM but I don't want to put any credentials in the script or pipeline for this.
So on migration night, I run this script on each device, which sets up the scheduled task to join AAD after it disjoins AD and reboots. I had to use the scheduled task because it's really hard to do any kind of PowerShell remoting once it's disjoined from the domain... lots of WinRM errors that got ugly trying to work past.
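One way to script the flow described in the post above, as an added example (not the poster's own script). It prompts for the domain credential at run time so nothing secret is stored in the script, and refuses to disjoin a device where the provisioning package is missing. The device list file, package path and task name are assumptions.

```powershell
# Added example. Assumed names: devices.txt, the .ppkg path, the task name.
$devices  = Get-Content -Path '.\devices.txt'          # one hostname per line (assumed file)
$ppkgPath = 'C:\ProgramData\Migration\AADJoin.ppkg'     # bulk-enrollment package already staged on each device (assumed path)
$taskName = 'AADJoinAfterDisjoin'                       # hypothetical task name

# Prompt at run time so the domain credential never lives in the script or a pipeline.
$domainCred = Get-Credential -Message 'Domain account allowed to unjoin computers'

$results = Invoke-Command -ComputerName $devices -ArgumentList $ppkgPath, $taskName, $domainCred -ScriptBlock {
    param($PpkgPath, $TaskName, [pscredential]$Cred)

    # Stop before touching domain membership if the package is missing;
    # otherwise the device would reboot into a workgroup with no way to join AAD.
    if (-not (Test-Path -LiteralPath $PpkgPath)) {
        throw "Provisioning package not found at $PpkgPath on $env:COMPUTERNAME"
    }

    # Startup task: install the package, then delete the task so it runs only once.
    $cmd = "Install-ProvisioningPackage -PackagePath '$PpkgPath' -QuietInstall -ForceInstall; " +
           "Unregister-ScheduledTask -TaskName '$TaskName' -Confirm:`$false"
    $action    = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument "-NoProfile -Command `"$cmd`""
    $trigger   = New-ScheduledTaskTrigger -AtStartup
    $principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest
    Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger -Principal $principal -Force | Out-Null

    # Leave the domain using the supplied credential; the change takes effect at reboot.
    Remove-Computer -UnjoinDomainCredential $Cred -WorkgroupName 'WORKGROUP' -Force

    # Report back while the WinRM session is still alive, then reboot after a short delay.
    [pscustomobject]@{ Computer = $env:COMPUTERNAME; TaskRegistered = $true; Disjoined = $true }
    shutdown.exe /r /t 15 | Out-Null
}

# Devices that threw or were unreachable are absent from $results and need follow-up.
$results | Select-Object Computer, TaskRegistered, Disjoined
$missing = $devices | Where-Object { $_ -notin $results.Computer }
if ($missing) { Write-Warning ("Not migrated: " + ($missing -join ', ')) }
```

The bulk-enrollment package itself carries a join token, so its staging folder should be readable only by SYSTEM and administrators and the file removed once the device has joined.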