Event details
Just getting around to watch video, really good stuff but I do have a comment. The benefit of HAADJ is that things work without many challenges while gaining Internet functionality. AzureAD on Windows 10 is a horrible experience, can not speak about Win 11 yet to see if it will improve experience. Computer Management can not read AzureAD and need to rely on Powershell scripts to add SIDs, to local groups, that is so Win 95/DOS. Adding network printers, not a fun experience and other tools like VNC remote control can not leverage local groups because Azure is not working with nested groups, ie, AzureAD group inside of local group. But it does work with groups like Remote Desktop Users. Fear of the unknown is one thing, but working hard to make something fit is not a good approach. Intune is not ready, we have to install SCCM to gain reporting and application deployment and Azure sounds great, but we are debating adding Autopilot devices to AD to improve user experience with printing and more.
I've been helping customers implement AADJ and Autopilot for years now, it sounds like your issues are down to legacy methods of doing things that need updating, not inherent issues with the toolset.
Local group membership can be managed on devices via Intune in the Endpoint Security blade. Intune does reporting and application deployment.
- Right, we are willing to do things differently, but we do not want to go backwards and make it more complicated for the users and the support teams. If there are resources that we can leverage that is great, we have engaged MS Fasttrack on some of these items. Overall it works fine and perhaps in some of the issues we need to re-train how we do things, but it is not as seamless as it is being advertised and that is what we need to improve adoption.