aaitbendra (Copper Contributor)
Jun 17, 2024
Issues with Hybrid Azure AD Join During Autopilot Enrollment
Hello Community,
I am seeking advice on an issue we’re experiencing with Microsoft Intune and Autopilot in our environment. We have set up an enrollment profile intended to enroll devices as Hybrid Azure AD joined during the Autopilot process. However, we’re encountering a problem where some devices are enrolling as Azure AD joined (cloud-only) instead of Hybrid.
Has anyone else experienced this issue? Any suggestions on what might be causing this inconsistency or how to troubleshoot it further would be greatly appreciated!
- NicklasOlsen (Iron Contributor)
Hello aaitbendra,
This sounds interesting 🙂
Have you noticed anything different when it's enrolling as cloud-only and not hybrid?

- leonpolman (Copper Contributor)
It might take a while for the device to be recognized as a hybrid joined device because the process of making the device hybrid is done after the autopilot enrolment. The hybrid connection is being created after the device has connected to the domain controller, and is being synced by the AD Connect sync cycle.
Are you sure that the organisational unit where the devices will get added to is being synced to Azure using the AD Connect tool?
Microsoft also does not recommend using hybrid autopilot (anymore), see the "important note" on this Learn page: https://learn.microsoft.com/en-us/autopilot/windows-autopilot-hybrid

- aaitbendra (Copper Contributor)
Yes, the OU is synced to Azure. The issue is intermittent. Occasionally, a device is created in the Domain Controller and enrolled in Intune as a Microsoft Entra joined device. In these cases, I delete the Microsoft Entra joined device object using PowerShell and then run a delta sync to ensure the device is enrolled as a Microsoft Entra hybrid joined device in Intune.
Other times, the device is just cloud-only without any object in the Domain Controller, and the device name does not follow the pattern I have configured in Intune.
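
To tell the two outcomes discussed in this thread apart on an affected device, the join state can be read from the output of the built-in `dsregcmd /status` tool. The following is an added example, not part of any post above; the function name `Get-JoinState` is hypothetical and the sample report text is constructed for illustration.

```powershell
# Constructed sample of the "Device State" section of `dsregcmd /status`
# (not captured from a real device). This one describes a cloud-only join.
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+

             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : NO
'@

function Get-JoinState {
    # Hypothetical helper: classifies the join state from dsregcmd report text.
    param([Parameter(Mandatory)][string]$StatusText)

    # Collect every "Name : Value" pair; banner lines have no colon and are skipped.
    $fields = @{}
    foreach ($line in $StatusText -split "`r?`n") {
        if ($line -match '^\s*(\w+)\s*:\s*(\S.*?)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }

    $entraJoined  = $fields['AzureAdJoined'] -eq 'YES'
    $domainJoined = $fields['DomainJoined']  -eq 'YES'

    # Hybrid means both flags are YES; cloud-only means only AzureAdJoined is YES.
    if ($entraJoined -and $domainJoined) { 'Microsoft Entra hybrid joined' }
    elseif ($entraJoined)                { 'Microsoft Entra joined (cloud-only)' }
    elseif ($domainJoined)               { 'Domain joined only, not registered in Microsoft Entra ID' }
    else                                 { 'Not joined' }
}

# Against the constructed sample:
Get-JoinState -StatusText $sample

# On a real device, feed it the live report instead:
# Get-JoinState -StatusText ((dsregcmd /status) -join "`n")
```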