I recently disconnected my on-prem AD machine and joined my machine to Azure AD. I'm doing this to test some of the Azure AD features and viability for some of our use cases to use Azure AD instead.
With my Azure AD joined machine I can \\ UNC to on-prem resources, start and use ADUC, RDP to on-prem servers, etc. Essentially I can do everything I used to be able to do when my machine was joined to on-prem AD; the only thing I cannot do is use the ActiveDirectory module in PowerShell.
I can use PowerShell remoting, e.g. Invoke-Command against my on-prem AD, and I can Enter-PSSession to AD, but I cannot do things like Get-ADComputer or Get-ADUser from my local PowerShell session any more.
The error I receive is:
PS C:\Users\Andrew> Get-ADComputer abcd123
Get-ADComputer : Unable to find a default server with Active Directory Web Services running.
I have my on-prem CA root certificate installed in my local machine personal store. I have also tried the above command using the various -AuthType and -Credential switches/parameters, but I get the same web services error.
Any clues why i cannot use the ActiveDirectory powershell module?
Well, at the very least you will have to use the -Credential parameter when running AD PowerShell cmdlets on a non-domain PC. Or you can just open an implicit remoting session via Enter-PSSession. Probably the network rules need to be adjusted, as well as the WinRM config.
You don't have to leave the domain in order to join the computer to Azure AD, btw.
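As an added example (not part of the answer above and not the poster's own code), here are the two approaches in working PowerShell. The domain controller name dc01.corp.example.com and the account CORP\andrew are assumed placeholders. The first approach keeps the cmdlets local but names the DC explicitly with -Server, because a non-domain-joined client has no DC locator to find the "default server" the error message refers to, and it needs ADWS (TCP 9389) on that DC to be reachable. The second approach is implicit remoting proper: the module is imported through a WinRM session (Import-Module -PSSession), so only WinRM needs to be open, which the poster already has working.

```powershell
# Added example, not from the original post. dc01.corp.example.com and CORP\andrew
# are assumed placeholder names; replace them with a real DC and account.
$dc   = 'dc01.corp.example.com'
$cred = Get-Credential -UserName 'CORP\andrew' -Message 'On-prem AD credentials'

# 1. Local cmdlets against an explicit DC.
#    Without domain membership the AD module cannot locate a DC on its own, so
#    -Server is mandatory, and ADWS (TCP 9389) on that DC must be reachable.
if ((Test-NetConnection -ComputerName $dc -Port 9389).TcpTestSucceeded) {
    Get-ADComputer -Identity 'abcd123' -Server $dc -Credential $cred
} else {
    Write-Warning "ADWS (TCP 9389) on $dc is not reachable; use implicit remoting instead."
}

# 2. Implicit remoting over WinRM (TCP 5985, or 5986 with -UseSSL).
#    The cmdlets execute on the DC; PowerShell generates local proxy functions.
#    On a non-domain-joined client using NTLM over HTTP the DC may need to be
#    in TrustedHosts first (run once, elevated):
#    Set-Item WSMan:\localhost\Client\TrustedHosts -Value $dc -Concatenate
$session = New-PSSession -ComputerName $dc -Credential $cred

# -Prefix makes it obvious which cmdlets are remote proxies (Get-OnPremADUser etc.)
Import-Module -Name ActiveDirectory -PSSession $session -Prefix OnPrem

Get-OnPremADComputer -Identity 'abcd123'
Get-OnPremADUser -Identity 'andrew' -Properties LastLogonDate |
    Select-Object SamAccountName, Enabled, LastLogonDate

Remove-PSSession $session
```

With the proxy functions in place the existing scripts only need the prefix added (or none, if -Prefix is omitted), and the ADWS port does not have to be opened from workstations at all; only the DC itself talks to ADWS.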