Forum Discussion
Intune Management for AD Joined machines
Question 1 - It really depends. If you are able to get rid of your GPOs and, for example, AD site dependencies, and perform everything with MDM configs, scripts and other controls, and you do not need your device object in AD for some functionality that your company depends on (RADIUS, as an example), and you are able to find and implement the suitable alternatives, then sure, you can go Entra joined.
There are tons of great articles out there on the internet that describe the detailed considerations; here is a great example of one of those articles:
https://call4cloud.nl/2021/03/deliver-us-from-hybrid/
Question 2 - It is best to fix this. Without the AzureAdPrt you will run into problems with Conditional Access; you will not be able to use the grant type devices must be hybrid joined:
and this: https://community.spiceworks.com/t/azure-conditional-access-hybrid-joined-devices-issue/718901
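
As an added example that is not part of the original post: one way to check the join state and the AzureAdPrt field mentioned in the answer is to parse the text output of `dsregcmd /status`. The function name `Get-DeviceJoinSummary` and the sample output are constructed for illustration.

```powershell
# Constructed sample of `dsregcmd /status` output, trimmed to the fields used here.
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+
             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : YES
+----------------------------------------------------------------------+
| SSO State                                                            |
+----------------------------------------------------------------------+
                AzureAdPrt : NO
'@ -split '\r?\n'

function Get-DeviceJoinSummary {   # hypothetical helper name
    param([string[]]$StatusLines)

    # Field lines look like "   Name : Value"; banner lines start with + or |
    # and are skipped because they do not begin with a word character.
    $fields = @{}
    foreach ($line in $StatusLines) {
        if ($line -match '^\s*(\w+)\s*:\s*(.*?)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }

    $aad = $fields['AzureAdJoined'] -eq 'YES'
    $dom = $fields['DomainJoined']  -eq 'YES'
    $prt = $fields['AzureAdPrt']    -eq 'YES'

    $join = if ($aad -and $dom) { 'Hybrid joined' }
            elseif ($aad)       { 'Entra joined' }
            elseif ($dom)       { 'Domain joined only' }
            else                { 'Not joined' }

    [pscustomobject]@{
        JoinState  = $join
        PrtPresent = $prt
        Note       = if ($prt) { 'PRT present' }
                     else { 'No PRT: expect Conditional Access problems for this user' }
    }
}

Get-DeviceJoinSummary -StatusLines $sample
# Live check, run as the signed-in user because the PRT is issued per user:
# Get-DeviceJoinSummary -StatusLines (dsregcmd /status)
```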