Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Hybrid Azure AD Join - registered Domains

Brass Contributor

Hello All,

 

I would like to understand better what are the prerequisites regarding Hybrid Azure Join Setup within the Windows Active Directory and ADFS (if used). Regarding the Microsoft Documentation i cannot fully understand if all the internal AD Domains also need to be registered in the Tenant or not ?

For Example we have Single Forest with Root domain name lets call dummy.net but our users computers are in us.dummy.net or eu.dummy.net and so on. Our UPN and officially registered Domain in the Tenant is dummy.com.  the .net Domain and all the Child Domains are not registered in the Tenant as we do not use those names publicly. 

 

The official Article im refering to: 

https://docs.microsoft.com/en-us/azure/active-directory/device-management-hybrid-azuread-joined-devi...

 

This whole process is strongly linked to the verified Domains in the Tenant. The Example in the Article obviously goes only from the very optimal scenario and the assumption that my local AD is used single domain model and public domain registered to the tenant. the Examples does not explain how this process works for a multi domain forest with a lots of different clients and Setup.

 

Any help would be appreciated.

 

Cheers

Ueli

 

3 Replies

The internal domain(s) do not need to be registered in the Tenant, a lot of organisations have un-routable domain.local suffixes internally 

Hi Mitch,

 

Ok thanks. So basically we do not have to care about the internal Domains the computer are actually joined to right ? 

 

Means the Option in the Script to: set $verifiedDomain = "contoso.com" # Replace this with any of your verified domain names in Azure AD"    it can be any of multiple registered Domain Names within the Tenant ?   like a Placeholder ? 

 

Best regards

Ueli

Exactly :)