Scenario 1: Your apps and resources are largely in the cloud
If you are moving your organization to the cloud and using SaaS apps like Office365 for productivity, you should consider Azure AD Join. Employees can join Windows 10 devices to Azure AD by themselves during the first-run experience or from the System Settings. And signing in to Windows 10 using their Azure AD credentials gets them single sign-on to Office365 and any other applications that use Azure AD for authentication – including the Azure AD Access Panel (at myapps.microsoft.com).
Scenario 2: Seasonal workers and Students
We've learned from our customers in retail and educational institutions that they need a way to manage two types of user identities: Long term employees like faculty and/or corporate staff, and high turn-over identities for students or seasonal workers. For these customers, a mixed model is ideal. They can continue manage long term employee's on-premises using Windows Server AD (connected to Azure AD). And they can managed their high turn-over identities in the cloud using Azure AD. This lets them take advantage of the scale out and cost benefits of the cloud. Now with Azure AD in Windows 10 these cloud only users will get the same great SSO to their PC's and Office365 and other cloud resources that had previously only been available to on-premises users.
Scenario 3: Choose your own device for on-premises users
Even where users are provisioned only in your on-premises directory, they get a simplified joining experience for Windows 10 devices that they purchase themselves. And as an admin you can still take advantage of the automatic MDM enrollment and conditional access offered by Azure AD. Users get single sign-on to Azure AD-backed resources and to a wide selection of on-premises resources as well.
Enabling Azure AD JoinYou can also configure the following options:
Note: Global Administrators and the device owner are granted local administrator rights by default.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.