Forum Discussion

torquetechit_tonyd's avatar
torquetechit_tonyd
Brass Contributor
Mar 23, 2021

Device Rename in HAADJ environment

Hi, Wondering if there is a supported process for the renaming of devices which have been Hybrid Joined.   As we know the device naming setup is currently limited to only being able to provide a p...
Intune
mobile device management (mdm)
Durrante's avatar
Durrante
Brass Contributor
Mar 27, 2021
Hope this helps: https://oofhours.com/2020/05/19/renaming-autopilot-deployed-hybrid-azure-ad-join-devices/
  • Targetpractice's avatar
    Targetpractice
    Copper Contributor
    Mar 29, 2021
    The problem with Michaels script is that if the object currently exists in your on-prem AD it fails to rename the computer which will require someone to go into AD and remove it manually.
    • torquetechit_tonyd's avatar
      torquetechit_tonyd
      Brass Contributor
      Mar 31, 2021
      Thanks @Targetpractise and Durrante for you replies.

      I am testing out a combination of the scripts as we are not using SCCM for device co-management.

      Basically, combining the component where it get the device serial number to create the new device name, then checks if it exists already in AD and continues.

      It would be good to have an idea when the naming conventions for HAADJ will be updated to enable the use of %Serial% as per a cloud only joined machine.

      Cheers
      Tony
      • Targetpractice's avatar
        Targetpractice
        Copper Contributor
        Apr 01, 2021
        The script that Durrante posted is from Michaels page, he was for a long time the head of Autopilot at Microsoft so he knows his stuff. Only problem I had with his script was that it runs in the users/computers context and if the object existed in AD it wouldn't have the needed permissions to delete the old object, and would then fail to rename because the object already exists. That's why I wrote mine and run it through SCCM with an AD admin level account so it can do the object cleanup and not have to grant everyone full permissions. The other option you can do is to modify his script, the schedule task part, and tell it to run as an account with full AD permissions, the risk there is username and password would be easy to extract from the script.
        In the script you can add the -user & -password switch to the register task part
        Register-ScheduledTask -User SYSTEM -Action $action -Trigger $triggers -TaskName "RenameComputer" -user"USERNAME" -password "PASSWORD" -Description "RenameComputer" -Force

        I am on weekly calls with MS and a few of their engineers for Autopilot and I have been asking for the %SERIAL% option for about 2 years now. They tell me its not even on the roadmap yet and may never be for Hybrid Join.