cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Intune Connector installation - Hybrid Azure AD Join

oryxway
Iron Contributor

‎Aug 21 2022 07:17 AM

‎Aug 21 2022 07:17 AM

Intune Connector installation - Hybrid Azure AD Join

Hi 

 

I would like to know whether the Intune Connector that needs to be installed should be installed on separate servers or should it be installed on the domain controllers? 

 

Thank you

 

Labels:
2,654 Views
0 Likes
4 Replies
Reply
4 Replies
Durrante

‎Aug 22 2022 03:00 AM

‎Aug 22 2022 03:00 AM

Re: Intune Connector installation - Hybrid Azure AD Join

Hey, it can be installed on DC's and non-DC's, however, your org may not allow installations on DC's so best check your policies. But from a functional level, it doesn't really matter other than your connector must be located fairly close to your DC's so latency isn't an issue. See more: https://docs.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid#before-you-begin
1 Like
Reply
Kurt Mayer

‎Aug 22 2022 01:23 PM

‎Aug 22 2022 01:23 PM

Re: Intune Connector installation - Hybrid Azure AD Join

@oryxway 

 

Another thing to consider is proximity placement with the ODJ Connector. If you have multiple AD sites and are running Autopilot joins at each site, you should place a connector on a server at each site. This improves the response time for the domain join. If the connector is on the DC or on the same subnet as a DC, it'll likely respond faster. Similarly, keeping it close to AD Connect also reduces the sync cycle latency when it replicates the information to Azure AD, thus helping Autopilot to complete sooner.

 

Please like or mark this thread as answered if it's helpful, thanks!

0 Likes
Reply
oryxway390

‎Aug 23 2022 08:26 PM

‎Aug 23 2022 08:26 PM

Re: Intune Connector installation - Hybrid Azure AD Join

@Durrante  Thanks Durrante. It looks like Hybrid Azure AD join is only possible with a VPN connectivity? Is that true? Without VPN remote devices would not be joining? 

 

So, I moved to Azure AD join and I am getting an error and this is the error in User Device Registration event log

 

20220823_222052 Error.jpg

20220823_174000 (1).jpg

Next, Is there any enrollment restrictions that could be causing the problem or conditional access?

I see that in the device settings it has around 20 and only couple of users who have permissions to join the domain.  Could this 20 devices restrictions causing this issue?

 

 

0 Likes
Reply
Durrante

‎Aug 24 2022 08:28 AM

‎Aug 24 2022 08:28 AM

Re: Intune Connector installation - Hybrid Azure AD Join

Yes, connectivity to your domain controllers is needed.

With your 2nd issue, I would suggest looking at your Azure AD device joining permissions and your MDM enrolment user scopes.
0 Likes
Reply