Event banner
Event details
Why the feature "Skip AD connectivity check" remains in "preview" after 2 years? What happen with the clients that need device objects in AD but wants to use Autopilot?
- Jason_Sandys
Microsoft
There is a myriad of reason for this that all stem from this not being our recommend or preferred path for provisioning new Windows endpoints. Is there a specific reason that you must have a device object in your on-prem AD? Keep in mind that authentication to on-prem resources does not require this in the vast majority of cases; see https://docs.microsoft.com/en-us/azure/active-directory/devices/azuread-join-sso for reference.- Hi Jason, thank you for your reply. Right now I have many stoppers I need to solve before achieve the only AAD joined scenario (LAPS, Legacy authentication, Customizations based on AD attributes, drive mapping, etc.) we have Co-Management with all workloads in Intune, and for me Autopilot is one of the consequences of a mature Modern Management, now I would like to understand if with this scenario is fine to proceed with Autopilot or if I have to stay with legacy on-prem OSD technology while I remove all the AD dependencies.
- Jason_SandysThat's not a question I can fully answer for your org but honestly, I would work on getting rid of any legacy, on-prem dependencies that you have first and piloting AADJ ASAP. As noted, legacy auth is not a blocker in the overwhelming majority of cases. Shifting to "modern" requires rethinking "the way you've always done it" things as well like drive mapping -- these should have died 20+ years ago. aka.ms/cloudnativeendpoints is the best resource I can point you to for helping with this path (myself and a few awesome colleagues worked on this set of docs over the first half of this year).
