Mar 25 2020 02:52 PM
Hi All
Not sure if this should be here or in the Azure AD section.
I'm looking to implement a Controlled validation of Hybrid Azure AD Join / Auto enrollment in Intune via GPO, using the MS guide below as a reference:
https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-control
My questions are:
Would like to hear from anyone who has implemented this
Regards
Mar 27 2020 01:33 AM
Mar 27 2020 02:35 AM
Hi Buddy
What I would like to do is:
Regards
Mar 27 2020 03:44 AM
This is the way I do it:
- Create GPO with registry edits and apply to test OU
- If successful, delete GPO
- Assign domain wide policy through AAD connect (https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains)
BTW: best make sure all the computers are W10 1803 in order to avoid dual state (https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan#review-cont...)
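
A check to run on a device in the test OU once the GPO from the steps above has applied. It is an added example, not part of any poster's reply. It assumes the GPO writes `TenantId` and `TenantName` under the `CDJ\AAD` registry key, as the Microsoft controlled-validation guide linked in the first post describes; the function names are illustrative.

```powershell
# Added example: confirm the controlled-validation GPO landed and the device is hybrid joined.
$cdjKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\CDJ\AAD'

function Get-ControlledJoinConfig {
    # Client-side SCP values the GPO is expected to have written; $null if the key is absent.
    if (-not (Test-Path $cdjKey)) { return $null }
    $p = Get-ItemProperty -Path $cdjKey
    [pscustomobject]@{ TenantId = $p.TenantId; TenantName = $p.TenantName }
}

function ConvertFrom-DsregStatus {
    param([string[]]$Lines)
    # Parse the "Key : Value" lines printed by dsregcmd /status into a hashtable.
    $state = @{}
    foreach ($line in $Lines) {
        if ($line -match '^\s*(\w+)\s*:\s*(.+?)\s*$') { $state[$Matches[1]] = $Matches[2] }
    }
    $state
}

if (Get-Command dsregcmd -ErrorAction SilentlyContinue) {
    $lines = dsregcmd /status
} else {
    # Constructed sample so the parsing can be tried off-device; the GUID is a placeholder.
    $lines = @(
        '        AzureAdJoined : YES',
        '         DomainJoined : YES',
        '             TenantId : 00000000-0000-0000-0000-000000000000'
    )
}

$config = Get-ControlledJoinConfig
$state  = ConvertFrom-DsregStatus -Lines $lines

[pscustomobject]@{
    Computer         = $env:COMPUTERNAME
    GpoValuesPresent = [bool]($config -and $config.TenantId -and $config.TenantName)
    AzureAdJoined    = $state['AzureAdJoined']
    DomainJoined     = $state['DomainJoined']
    # Hybrid joined means both flags report YES.
    HybridJoined     = ($state['AzureAdJoined'] -eq 'YES') -and ($state['DomainJoined'] -eq 'YES')
    # The tenant the device registered with should be the one the GPO pointed it at.
    TenantMatches    = [bool]($config -and ($state['TenantId'] -eq $config.TenantId))
}
```

Running it on a machine outside the test OU as well shows whether the join is really limited to the devices the GPO targets.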
Mar 28 2020 05:37 AM
Hi Buddy
So the process would be:
In essence, DO NOT TOUCH AADC until Controlled Hybrid Azure AD Join is verified OK?
Regards
Mar 30 2020 06:55 AM
Apr 06 2020 06:37 AM
Sorry, I did mention before about applying the Controlled Hybrid GPO to the test OU BEFORE touching AADC, but I assume the TEST OU must be included in the AADC sync with the syncing of devices as per below?
Apr 06 2020 06:39 AM
Apr 06 2020 07:09 AM
Do the devices need to be in a group or is the OU sufficient for the Controlled Hybrid test?
Regards
Apr 06 2020 07:12 AM
Apr 06 2020 07:14 AM
Apr 06 2020 09:09 AM
Apr 06 2020 10:19 AM
Could you troubleshoot it using this article? https://365bythijs.be/2019/11/02/troubleshooting-hybrid-azure-ad-join/