Home

Hybrid Azure AD Join - registered Domains

%3CLINGO-SUB%20id%3D%22lingo-sub-204929%22%20slang%3D%22en-US%22%3EHybrid%20Azure%20AD%20Join%20-%20registered%20Domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-204929%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20All%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20would%20like%20to%20understand%20better%20what%20are%20the%20prerequisites%20regarding%20Hybrid%20Azure%20Join%20Setup%20within%20the%20Windows%20Active%20Directory%20and%20ADFS%20(if%20used).%20Regarding%20the%20Microsoft%20Documentation%20i%20cannot%20fully%20understand%20if%20all%20the%20internal%20AD%20Domains%20also%20need%20to%20be%20registered%20in%20the%20Tenant%20or%20not%20%3F%3C%2FP%3E%3CP%3EFor%20Example%20we%20have%20Single%20Forest%20with%20Root%20domain%20name%20lets%20call%20dummy.net%20but%20our%20users%20computers%20are%20in%20us.dummy.net%20or%20eu.dummy.net%20and%20so%20on.%20Our%20UPN%20and%20officially%20registered%20Domain%20in%20the%20Tenant%20is%20dummy.com.%26nbsp%3B%20the%20.net%20Domain%20and%20all%20the%20Child%20Domains%20are%20not%20registered%20in%20the%20Tenant%20as%20we%20do%20not%20use%20those%20names%20publicly.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20official%20Article%20im%20refering%20to%3A%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevice-management-hybrid-azuread-joined-devices-setup%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevice-management-hybrid-azuread-joined-devices-setup%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20whole%20process%20is%20strongly%20linked%20to%20the%20verified%20Domains%20in%20the%20Tenant.%20The%20Example%20in%20the%20Article%20obviously%26nbsp%3Bgoes%20only%20from%20the%20very%20optimal%20scenario%20and%20the%20assumption%20that%20my%20local%20AD%20is%20used%20single%20domain%20model%26nbsp%3Band%20public%20domain%20registered%20to%20the%20tenant.%20the%20Examples%20does%20not%20explain%20how%20this%20process%20works%20for%20a%20multi%20domain%20forest%20with%20a%20lots%20of%20different%20clients%20and%20Setup.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20help%20would%20be%20appreciated.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECheers%3C%2FP%3E%3CP%3EUeli%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-204929%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EEMS%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-205638%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Azure%20AD%20Join%20-%20registered%20Domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-205638%22%20slang%3D%22en-US%22%3E%3CP%3EExactly%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-205378%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Azure%20AD%20Join%20-%20registered%20Domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-205378%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Mitch%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOk%20thanks.%20So%20basically%20we%20do%20not%20have%20to%20care%20about%20the%20internal%20Domains%20the%20computer%20are%20actually%20joined%20to%20right%20%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMeans%20the%20Option%20in%20the%20Script%20to%3A%20set%26nbsp%3B%3CSPAN%3E%24verifiedDomain%20%3D%20%22contoso.com%22%20%23%20Replace%20this%20with%20any%20of%20your%20verified%20domain%20names%20in%20Azure%20AD%22%3C%2FSPAN%3E%20%26nbsp%3B%26nbsp%3B%20it%20can%20be%20any%20of%20multiple%20registered%20Domain%20Names%20within%20the%20Tenant%20%3F%20%26nbsp%3B%20like%20a%20Placeholder%20%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBest%20regards%3C%2FP%3E%3CP%3EUeli%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-205239%22%20slang%3D%22en-US%22%3ERe%3A%20Hybrid%20Azure%20AD%20Join%20-%20registered%20Domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-205239%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20internal%20domain(s)%20do%20not%20need%20to%20be%20registered%20in%20the%20Tenant%2C%20a%20lot%20of%20organisations%20have%20un-routable%20domain.local%20suffixes%20internally%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Ueli Zimmermann
Contributor

Hello All,

 

I would like to understand better what are the prerequisites regarding Hybrid Azure Join Setup within the Windows Active Directory and ADFS (if used). Regarding the Microsoft Documentation i cannot fully understand if all the internal AD Domains also need to be registered in the Tenant or not ?

For Example we have Single Forest with Root domain name lets call dummy.net but our users computers are in us.dummy.net or eu.dummy.net and so on. Our UPN and officially registered Domain in the Tenant is dummy.com.  the .net Domain and all the Child Domains are not registered in the Tenant as we do not use those names publicly. 

 

The official Article im refering to: 

https://docs.microsoft.com/en-us/azure/active-directory/device-management-hybrid-azuread-joined-devi...

 

This whole process is strongly linked to the verified Domains in the Tenant. The Example in the Article obviously goes only from the very optimal scenario and the assumption that my local AD is used single domain model and public domain registered to the tenant. the Examples does not explain how this process works for a multi domain forest with a lots of different clients and Setup.

 

Any help would be appreciated.

 

Cheers

Ueli

 

3 Replies
Highlighted

The internal domain(s) do not need to be registered in the Tenant, a lot of organisations have un-routable domain.local suffixes internally 

Highlighted

Hi Mitch,

 

Ok thanks. So basically we do not have to care about the internal Domains the computer are actually joined to right ? 

 

Means the Option in the Script to: set $verifiedDomain = "contoso.com" # Replace this with any of your verified domain names in Azure AD"    it can be any of multiple registered Domain Names within the Tenant ?   like a Placeholder ? 

 

Best regards

Ueli

Highlighted

Exactly :)

Related Conversations
SharePoint 2016 / sharepoint online
Share24x7 in SharePoint on
2 Replies
Get the user role from Azure AD by Laravel azure ad oauth
Arulraj123 in Azure on
0 Replies
Microsoft Developer Virtual Conference
Jenn Jinhong in Community Events List on
0 Replies
Ports
Rising Flight in Office 365 on
0 Replies
Exchange Hybrid Best Practises about autodiscover
woelki in Exchange on
0 Replies