Forum Discussion
DanWheeler
Apr 05, 2022 (Copper Contributor)
Automating Migration from AD to AAD (Non-Hybrid)
I promise I've Googled as hard as I can and can't find the answers to what seem like some pretty simple questions... I've got a bunch of digital signage and point-of-sale devices that I want to m...
drkmccy
Apr 12, 2022 (Copper Contributor)
I swear there's not enough documentation out there and whatever bits there are, it's mostly only very specific to that one step and not as a whole migration. To answer your questions:
- Joining an AD device to AAD IS by definition a hybrid setup (Hybrid join). They can co-exist indefinitely. I've done a couple and the devices have been hybrid for years. I'm not a big fan but if the business is saying it wants to move to the cloud while at the same time not wanting to upgrade its legacy and on-prem apps, you have no choice.
- See below.
This is the method that I've used on a few environments and works well:
- Create an Intune dynamic device group with the ZTDId rule (Google this)
- Set up a user-driven Autopilot profile and assign it to the group in step 1
- Do this (again, why this isn't common knowledge is beyond me):
https://euc365.com/enrol-devices-to-autopilot-unattended/
- Push the script out to all your devices. I used our RMM tool to push the script to all our devices but you could use GPO
- Send a wipe command to all devices. I used this command and pushed it with RMM:
https://techcommunity.microsoft.com/t5/windows-deployment/factory-reset-windows-10-without-user-intervention/m-p/1339823
- Let the user enrol and sign into the device themselves. This might come as a shock to some but if you want to move forward, this is how it will be done (almost like zero touch on mobile). If Outlook breaks again, it's not worth spending hours trying to fix it, just send a blat command with Intune and let the user re-enrol from home.
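The first three steps of the answer above (dynamic group keyed on the Autopilot device id, then registering each device's hardware hash so it lands in that group) can be illustrated with a small script. The following is an added example written for this thread, not the poster's script and not the one behind the euc365 link: it reads the hardware hash the way the Autopilot tooling does (from the MDM bridge WMI provider), refuses to write an empty hash, and emits the CSV that the Intune Autopilot device import expects, tagged with a group tag so a dynamic rule can scope the devices. The output path, the group tag value and the `SIGNAGE-POS` name are placeholders you would replace; the two dynamic-membership rule strings use the documented Azure AD syntax.

```powershell
# Added example for this thread (not the poster's code). Collects the Autopilot
# hardware hash locally and writes the Intune import CSV for this device.
# Assumes Windows 10/11, an elevated session, and the MDM bridge WMI provider
# (root/cimv2/mdm/dmmap), which is present on supported Windows editions.
[CmdletBinding()]
param(
    # Placeholder path; point it at a share or RMM-collected folder in practice.
    [string]$OutputCsv = "C:\ProgramData\AutopilotRegistration\autopilot-hash.csv",
    # Placeholder group tag used to scope the dynamic group below.
    [string]$GroupTag  = "SIGNAGE-POS"
)

# Step 1 of the post: dynamic device group rules (Azure AD membership rule syntax).
# Every Autopilot-registered device carries a [ZTDId] physical id.
$DynamicRuleAllAutopilot = '(device.devicePhysicalIds -any (_ -contains "[ZTDId]"))'
# Narrower variant: only devices imported with this group tag ([OrderID] holds the tag).
$DynamicRuleByGroupTag   = "(device.devicePhysicalIds -any (_ -eq `"[OrderID]:$GroupTag`"))"

function Get-AutopilotHardwareHash {
    <#
      Returns one object in the column layout the Autopilot CSV import requires.
      The Windows Product ID column is intentionally left blank; the standard
      tooling does the same and the import accepts it.
    #>
    param([string]$Tag)

    $serial = (Get-CimInstance -ClassName Win32_BIOS -ErrorAction Stop).SerialNumber

    # DeviceHardwareData is the 4K hardware hash Autopilot matches the device on.
    $devDetail = Get-CimInstance -Namespace 'root/cimv2/mdm/dmmap' `
        -ClassName 'MDM_DevDetail_Ext01' `
        -Filter "InstanceID='Ext' AND ParentID='./DevDetail'" `
        -ErrorAction Stop

    # Failure mode worth catching: some VMs and unsupported editions return no
    # hash. An empty row would be rejected at import, so stop here instead.
    if ([string]::IsNullOrWhiteSpace($devDetail.DeviceHardwareData)) {
        throw "No hardware hash available on $env:COMPUTERNAME (serial $serial)."
    }

    [pscustomobject]@{
        'Device Serial Number' = $serial
        'Windows Product ID'   = ''
        'Hardware Hash'        = $devDetail.DeviceHardwareData
        'Group Tag'            = $Tag
    }
}

function Write-AutopilotCsv {
    param([string]$Path, [string]$Tag)

    $row = Get-AutopilotHardwareHash -Tag $Tag

    $dir = Split-Path -Parent $Path
    if (-not (Test-Path $dir)) { New-Item -ItemType Directory -Path $dir -Force | Out-Null }

    # Re-running from RMM/GPO must be idempotent: skip if this serial is already recorded.
    if (Test-Path $Path) {
        $existing = Import-Csv -Path $Path
        if ($existing.'Device Serial Number' -contains $row.'Device Serial Number') {
            Write-Verbose "Serial $($row.'Device Serial Number') already present in $Path; nothing to do."
            return $row
        }
        $row | Export-Csv -Path $Path -NoTypeInformation -Append
    } else {
        $row | Export-Csv -Path $Path -NoTypeInformation
    }
    return $row
}

$result = Write-AutopilotCsv -Path $OutputCsv -Tag $GroupTag
Write-Output "Recorded hash for serial $($result.'Device Serial Number') with group tag '$GroupTag' in $OutputCsv"
Write-Output "Dynamic group rule (all Autopilot devices): $DynamicRuleAllAutopilot"
Write-Output "Dynamic group rule (this tag only):         $DynamicRuleByGroupTag"
```

Once collected, the CSV is uploaded in the Intune admin center under Windows Autopilot devices (Import), after which the device shows up with its ZTDId and the group tag and the dynamic group picks it up; the script linked in the answer goes one step further and submits the hash directly. Two practical points: the hash file is the device's enrolment identity, so keep the collection share ACL'd to the admins who will do the import, and check the "Group Tag" column against the rule string before importing, since a typo there silently leaves the device outside the group the Autopilot profile is assigned to.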