Can a PC be both Azure AD joined and On-site AD joined to seperate domains

%3CLINGO-SUB%20id%3D%22lingo-sub-1778725%22%20slang%3D%22en-US%22%3ECan%20a%20PC%20be%20both%20Azure%20AD%20joined%20and%20On-site%20AD%20joined%20to%20seperate%20domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1778725%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20know%20this%20might%20be%20a%20little%20bit%20away%20from%20the%20normal%20track.%20I%20am%20asking%20if%20it's%20possible%20to%20join%20a%20pc%20to%20an%20azure%20AD%20without%20having%20to%20remove%20it%20from%20its%20existing%20domain%20which%20is%20a%20different%20domain%20than%20the%20Azure%20AD.%20I%20am%20aware%20that%20at%20the%20very%20least%20the%20user%20would%20be%20created%20a%20new%20profile.%20I'm%20not%20sure%20if%20we%20would%20need%20to%20remove%20the%20pc%20from%20its%20existing%20domain%20before%20it%20can%20be%20added%20to%20the%20Azure%20based%20domain%20and%20whether%20they%20would%20get%20issues%20with%20using%20the%20on-site%20AD%20account%20and%20profile.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20any%20help%20you%20may%20provide.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1779357%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20a%20PC%20be%20both%20Azure%20AD%20joined%20and%20On-site%20AD%20joined%20to%20seperate%20domains%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1779357%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F176164%22%20target%3D%22_blank%22%3E%40Gregor%20Reimling%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20reply.%20They%20are%20two%20sperate%20domains%20e.g%20onpremiseADdomain.com%20and%20adazuredomain.comdomainnameb.com%2C%20it%20is%20possible%20to%20create%20a%20sync%20with%20AD%20but%20as%20they%20are%20different%20domains%20we%20would%20have%20use%20UPN%20and%20soft%20matching.%20As%20this%20is%20not%20for%20allot%20of%20users%20I%20am%20looking%20into%20the%20possibility%20of%20having%202%20profiles%20on%20the%20machine.%20One%20of%20these%20will%20login%20to%20the%20onpremiseADdomain.com%20and%20one%20for%20the%20adazuredomain.com.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAs%20far%20as%20I%20can%20tell%20you%20are%20saying%20its%20possilbe%20to%20use%20the%20azuread%20join%20method%20on%20the%20client%20when%20its%20already%20in%20a%20different%20domain%20and%20this%20will%20enable%20the%20use%20to%20login%20to%20different%20profiles%20and%20access%20resouces%20on%20both%20domains.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

Hello,

 

I know this might be a little bit away from the normal track. I am asking if it's possible to join a pc to an azure AD without having to remove it from its existing domain which is a different domain than the Azure AD. I am aware that at the very least the user would be created a new profile. I'm not sure if we would need to remove the pc from its existing domain before it can be added to the Azure based domain and whether they would get issues with using the on-site AD account and profile.

 

 

Thanks for any help you may provide.

 

 

 

2 Replies
Highlighted

@james00000007 Hi you can join a Client to both Azure AD and AD DS. 

Did you have Azure AD connect in place to synchronize existing AD DS User to Azure AD? 

You can configure Azure AD connect for Hybrid-join for devices, then devices they are available in AD DS will additional join the Azure AD. 

https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-federated-domain...

 

 

Highlighted

@Gregor Reimling 

Thanks for the reply. They are two sperate domains e.g onpremiseADdomain.com and adazuredomain.comdomainnameb.com, it is possible to create a sync with AD but as they are different domains we would have use UPN and soft matching. As this is not for allot of users I am looking into the possibility of having 2 profiles on the machine. One of these will login to the onpremiseADdomain.com and one for the adazuredomain.com.

 

As far as I can tell you are saying its possilbe to use the azuread join method on the client when its already in a different domain and this will enable the use to login to different profiles and access resouces on both domains.

 

Thanks