SOLVED

Azure AD Conditional Access - Require Domain Joined Device


Does the ‘Domain Join’ checkbox in Azure AD Conditional Access require Azure AD Domain join, or does it mean on-premises Domain Join? The attached screenshot says ‘Not Azure AD Domain Join’, but the documentation shown in the screenshot seems to contradict this.

[attached screenshot: contradiction.jpg]


I don't understand how I can manage devices if some users in my organization have one company device as Hybrid Azure AD joined and another BYOD device as Azure AD registered.

Which way can I use a conditional access rule to control access on both devices?

Conditional Access to require a domain joined device requires that the computer is joined to the on-premises Active Directory domain.

In other words, just registering a machine to Azure AD is not enough, the minimum requirement is that the computer must be joined to the on-premises domain.

I tested out each possible scenario in my lab and I posted the results on my blog site here:

http://www.thecloudtechnologist.com/azure-ad-premium-conditional-access-for-domain-joined-machines/
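As an added illustration of Joe's point (this is example code, not from the thread or from Microsoft), the script below models a Conditional Access policy carrying the `domainJoinedDevice` grant control and evaluates it against constructed device records shaped like Microsoft Graph `device` objects, where `trustType` `ServerAd` is Hybrid Azure AD joined and `Workplace` is Azure AD registered. The policy shape, the device records and the evaluation logic are assumptions for illustration; no tenant is queried.

```python
# Added example (not from the thread): how the "Require domain joined
# (Hybrid Azure AD)" grant control treats devices of different join types.
# Field names follow Microsoft Graph; the data is constructed.

# Policy shaped like a Microsoft Graph conditionalAccessPolicy.
POLICY = {
    "displayName": "Require hybrid-joined device for all cloud apps",
    "state": "enabled",
    "conditions": {
        "users": {"includeUsers": ["All"]},
        "applications": {"includeApplications": ["All"]},
    },
    "grantControls": {"operator": "OR", "builtInControls": ["domainJoinedDevice"]},
}

# Graph device.trustType values and how the portal labels them.
TRUST_TYPE_LABEL = {
    "ServerAd": "Hybrid Azure AD joined",  # on-prem AD joined and registered in Azure AD
    "AzureAd": "Azure AD joined",
    "Workplace": "Azure AD registered",    # BYOD / workplace join only
}

def control_satisfied(control, device):
    """Return True if one built-in grant control is met by the device record."""
    if control == "domainJoinedDevice":
        # Only a hybrid-joined (on-prem domain joined) device satisfies this;
        # an Azure AD registered device does not, which is the point above.
        return device.get("trustType") == "ServerAd"
    if control == "compliantDevice":
        return bool(device.get("isCompliant"))
    raise ValueError(f"unsupported control: {control}")

def evaluate(policy, device):
    """Return 'grant' or 'block' for a device under the policy's grant controls."""
    grant = policy["grantControls"]
    results = [control_satisfied(c, device) for c in grant["builtInControls"]]
    ok = any(results) if grant["operator"] == "OR" else all(results)
    return "grant" if ok else "block"

# Constructed devices mirroring the thread: one hybrid joined, one registered.
DEVICES = [
    {"displayName": "LAPTOP-01", "trustType": "ServerAd", "isCompliant": False},
    {"displayName": "BYOD-PHONE", "trustType": "Workplace", "isCompliant": False},
]

def audit(policy, devices):
    """Map each device name to the decision the policy would make for it."""
    return {d["displayName"]: evaluate(policy, d) for d in devices}

if __name__ == "__main__":
    for name, decision in audit(POLICY, DEVICES).items():
        print(f"{name} ({TRUST_TYPE_LABEL[next(d['trustType'] for d in DEVICES if d['displayName'] == name)]}): {decision}")
```

Switching the operator to `AND` with both `domainJoinedDevice` and `compliantDevice` shows why a hybrid-joined but non-compliant device is still blocked under a stricter policy.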

Hi Joe,

All my devices are in my on-premises domain, but lots of them appear for me as "Azure AD registered".

And in this way I can't use conditional access because the devices are not compliant. What am I doing wrong with the devices in my domain that some of them appear as Azure AD registered and other devices appear as Hybrid Azure AD joined?

[attached screenshot: devices.png]

At the bottom of my long blog post, you'll find a troubleshooting section along with links to other helpful resources.

With Pass-through Authentication, what is the workflow for joining a machine to the domain?