Event details

Get answers to your questions about adopting Windows 11 and managing Windows devices across your organization. Find out how to proactively implement and monitor Zero Trust practices. Get tips on keeping devices up to date. Learn how to move forward with cloud-native workloads, even if you have on-premises or hybrid needs.

Windows Office Hours is our continuing series of live Q&A for IT professionals here on Tech Community.

How does it work?

We will have a broad group of product experts, servicing experts, and engineers representing Windows, Microsoft Intune, Configuration Manager, Windows 365, Windows Autopilot, security, public sector, FastTrack, and more. They will be standing by here -- in chat -- to provide guidance, discuss strategies and tactics, and, of course, answer any specific questions you may have.

Post your questions in the Comments early and throughout the one-hour event.

Note: This is a chat-based event. There is no video or live meeting component. Questions and answers will appear in the Comments section below.

Heather_Poulsen
Updated Jun 23, 2025
Office Hours

3 Comments

  • stdcsb's avatar
    stdcsb
    Brass Contributor
    Nov 20, 2025

    Autopilot & Hybrid-Joined devices: I've noticed that while Microsoft has promoted that Autopilot is definitely an option for those customers with Active Directory interested in moving to the cloud, I've also noticed Microsoft has also frequently and strongly recommended against this. My question is what are the known issues behind Microsoft's recommendation to avoid using Autopilot for hybrid-joining devices?

    • Joe_Lurie's avatar
      Joe_Lurie
      Icon for Microsoft rankMicrosoft
      Dec 11, 2025

      stdcsb​ There are a number of reasons where Entra-joined is better than hybrid-joining a device. Mainly, the device works anywhere there is an internet connection: whether in the office or out of the office, and you can enable Conditional Access, MFA, and other Zero Trust principles even without relying on an on-prem infrastructure.

      To your question on what are the known issues with Hybrid-joining during Autopilot that make us recommend Entra-joined instead, there's only one main issue and that's the VPN configurations necessary to enable Hybrid-joining during Autopilot. But the reason for our recommendation isn't so much an Autopilot reason but more of a 'moving from hybrid joined to Entra-joined requires a device reset' and since Autopilot is provisioning a brand-new or resetting an existing device, this is the perfect place to take advantage of the new device being Entra-joined. And once it's Entra-joined, then you get the other benefits, such as those I listed above.

  • Petr_Falc's avatar
    Petr_Falc
    Copper Contributor
    Nov 20, 2025

    When users attempt to unlock a locked Cloud PC using the Windows app, they have the option to switch from a password to a PIN for unlocking. Is it possible to configure PIN as the default unlock method for all users in these scenarios?