Forum Discussion
Intune Connector
That's for joining devices to your Active Directory and Azure AD. Azure AD Connect is for synchronizing users/groups to Azure AD.
Description of the Intune Connector:
"The Intune Connector for your Active Directory creates autopilot-enrolled computers in the on-premises Active Directory domain. The computer that hosts the Intune Connector must have the rights to create the computer objects within the domain."
https://docs.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid
That's for joining devices to your Active Directory and Azure AD. Azure AD Connect is for synchronizing users/groups to Azure AD.
Description of the Intune Connector:
"The Intune Connector for your Active Directory creates autopilot-enrolled computers in the on-premises Active Directory domain. The computer that hosts the Intune Connector must have the rights to create the computer objects within the domain."
https://docs.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid
- Harm, I was going through a video and they say that the Azure AD Connect does both the user group and devices sync. So, how come this is different you are saying? I am not following.
- The most basic way to look at is if you want to Hybrid Join EXISTING devices, then you just need to the AD Connector. If you want to Hybrid Join NEW devices, you also need the Intune Connector
Ok 🙂 Azure AD Connect syncs users, groups and devices from Active Directory to Azure AD. It can also sync devices from Azure AD back to Active Directory and even groups now. But... That's just that, has nothing to do with Intune. The Intune connector is only for autopilot enrolling devices and joining them to Active Directory and Azure AD aduring that proces. Normally the device would only join Azure AD during autopilot deployment.
Again, you only need to install and use the Intune connector when you want to join a new device during autopilot to both Azure AD and Active Directory. (It's a connector and not a sync tool)
- Thanks Harm. But, I see in the Tenant Administration under Microsoft Endpoint Management admin center, I click on Tenant Status it shows Healthy under Connector Status.
Status Connector
Healthy Windows AutoPilot last Sync date todays date and time
This means does it have a Intune Connector installed somewhere or is it from the AD Connector health status?
Another quick question.
Now, let us say we want to do AutoPilot new devices and onboard these devices to Azure AD instead of OnPrem since at one point we may have to move out of OnPrem, then in that case would it be best to directly onboard it to Azure AD and not to OnPrem AD Devices OU?- No problem.. Does the connector show here? https://endpoint.microsoft.com/#blade/Microsoft_Intune_Enrollment/DomainJoinConnectorsBlade
And correct, use the normal Autopilot Deployment profile to join the device to Azure AD only during deployment.So, we have to install this by clicking on Add and this needs to be done on the WIN2016 server?
