Forum Discussion
Solved
Duplicate Azure Device when onboarding Defender for Endpoint
Hi I have a device which is "Microsoft Entra registered" with a owner assigned, they have logged into Microsoft account their device. We have onboarded the device to Defender for Endpoint and it no...
- Correct in your ENTRA Connect enable the hybrid AD join features and sync your devices to Entra Connect and delete the registered devices and any stale device
hi yes this setting is on.
These aren't duplicates in defender but duplicates in Azure Devices. As per below
Thanks
Are your devices joined to on prem domain ? Azure AD ? Workgroup?
- Yes they are on Prem devices domain joined, but dont sync to Azure using ADConnect, they show only registered as a user logs on with their MS account to office Apps
- When the same device ends up with two different identities in Azure AD, it is known as a Dual state in AAD terminology. In your case when you onboarded the device in MDE it will register the device with different ID . For you current setup the best pratice is to sync your devices as hybrid ad join since they are joined to onprem AD and delete the registered devices because always hybrid ad join take precedence on registered device type
- So i guess that means using ADConnect to get the devices Sync'd as hybrid?