Forum Discussion
Conditional Access Hybrid Azure AD Joined
Jordy Blommaert Maybe not a case for you but I see strange behaviors if the computer for some reason is both Azure AD registered and Hybrid Azure AD Join. This was a problem before a certain version of Windows 10 (I think version 1809). I've also seen problems if the computer was recently domain joined (I guess it needs time to sync etc).
In either case, Microsoft seems to be doing a lot of changes on Windows 10 to make Hybrid Azure AD Join more reliable and functional so maybe you can see there are certain versions which have this problem?
JonasBack Thanks for the tip. I will review this with our customer.
There are indeed some devices that are Hybrid Azure AD Joined and Registered.
Jordy Blommaert OK, the only really good way to get out of that mess (when the same device is both Azure AD Registered and Hybrid Azure AD Join) is to update Windows 10 to at least 1809. It should then sort it out by itself and delete the Azure AD Registered device (just give it a little bit time and reboots). Just deleting the Azure AD Registered device in Azure AD is not a good solution since they device will still think it's Azure AD Registered. It's not easy to fix from the client side either since Azure AD Registered is on per-user basis.
JonasBack We reviewed the version of the PC's they are all running Windows 10 Pro Version 1903
Jordy Blommaert Then it should automatically removed the duplicated Azure AD Registered device. If you go to portal.azure.com > Azure Active Directory > Devices you can search for the name and see when it last had activity. Maybe the Azure AD Registered device haven't had any activity for a long time?