Forum Discussion

Alex Melching's avatar
Alex Melching
Copper Contributor
Feb 17, 2018

Change Azure AD Registered device to Azure AD Joined device

Hello,

 

What is the preferred process of converting a device that is Azure AD registered to a device that is Azure AD joined?  I know that a device can be both, but unable to have a device that has been already registered be able to be Azure AD joined.

 

Any recommendations?

 

I have tried a couple scenarios; using the Company Portal app and removing the device and re-adding it, but have been unsuccessful. Device is always registered.  The only method that has worked is to reset the PC and perform the Azure AD join when initially setting up the device.

 

Thanks in advance!

  • bbhorrigan's avatar
    bbhorrigan
    Brass Contributor

    I generally don't convert them.  I would set it back up as a Azure AD joined device.  Azure AD registered is really designed for, maybe personal devices or other non domain joined.

     

     

    From Microsoft

     

    Type of device Device platforms Mechanism
    Personal devicesWindows 10, iOS, Android, Mac OSAzure AD registered
    Organization owned device not joined to on-premises ADWindows 10Azure AD joined
    Organization owned device joined to an on-premises ADWindows 10

    Hybrid Azure AD joined

     

     

    https://techcommunity.microsoft.com/t5/forums/replypage/board-id/Microsoft-Intune/message-id/500

  • You may want to try the dsregcmd command line tool to un-register (dsregcmd /debug /leave) and then sign out and back in to trigger the scheduled task that joins the device.

  • sourabh_jha24x7's avatar
    sourabh_jha24x7
    Copper Contributor

    Alex Melching  first i removed Azure ad Register device from azure Ad portal, and logged in on Windows 10 Machine went settings and click on account after that click connect and select "join this device to Active Directory" then you can able to do that. 

     

    Why your device is going to register after removing from azure portal:-

    after removing if you are going to access and Ms 365 app like Teams, Outlook, or SharePoint online your Device ll automatically register with azure AD.

  • Gratefulj's avatar
    Gratefulj
    Copper Contributor

    Alex Melching 

    I figured it out.  Broadly, these are the steps:

    1-Remove computer from local domain

    2-Remove registered computer from Azure

    3-Remove all accounts under settings->accounts->access work or school

    4-Remove all GUID keys from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments (GUID keys look like 18DCFFD4-37D6….). There will likely be one or two it won't let you delete. Leave those. Do not delete the other folders in there. This seems to be the key step

    5-Join machine to Azure

     

Resources