Azure AD Join on Windows 10 devices

Iron Contributor

We are running a 100% cloud instance of Microsoft 365 for about 10 users.   All those users have Surface Pro 4's running Windows 10 Pro.

 

In order to get the full benefit of the Microsoft 365 service, should I be "joining" these Surfaces to my Azure AD the same way that I would join an on premise Windows 2016 domain?

 

If so, where can I find instructions for how to "join" my computers to my Azure AD?

3 Replies

yes! i think you should, to benefit from all the features you get regarding managebility and security. Also automatic upgrade to win 10 enterprise

Please read more here:

 

https://docs.microsoft.com/sv-se/azure/active-directory/devices/azuread-joined-devices-frx

 

Adam

Yes. If it is Out of Box device use Windows Autopilot feature to configure and add them to AAD using Microsoft Intune.

 

If the devices are already Domain Joined, then use Work account from settings to get the device registered to AAD.

Hi Robert,

I am in agreement with the others. If you have Microsoft 365 then:

1.) You can upgrade these Win 10 pros to Win 10 Business or Enterprise depending on your Win 10 SKU

2.) Enrolling them into Azure AD means you can then manage them with Microsoft Intune and apply compliance, configuration and app protection policies to the local machines. This includes functionality like enforcing bitlocker, passwords, closing down the windows store, turning off the cameras and numerous other things.

3.) By Azure AD joining you can push the bitlockers keys up to the Azure AD user

4.) If you have the right Microsoft 365 SKU you can start implementing application SSO with Azure AD

5.) You can set up Autopilot so that as soon a new machine joins AAD it is setup out of the box

Pete I do a good article how to join a machine:

https://www.petri.com/join-windows-10-to-azure-active-directory

Best, Chris