Currently looking into migration options for an existing fleet of Windows 10 AD domain-joined PCs to Azure AD-joined in a target Azure AD tenant (no synchronization in place, don't want to put in place either due to 'cloud only' model)
The three migration options I see:
1) Manual - Manually unjoin AD domain, user joins azure ad domain, reboot and user logs-in, move legacy profile contents over to new azure ad profile (manual or third party)
2) AutoPilot User-Driven - Register devices in AutoPilot to target tenant, create deployment profile in target tenant, add the device to deployment group in target tenant and reboot PC, user logs in and goes through autopilot process
3) AutoPilot User-Driven with White Glove - Register devices in AutoPilot in target tenant, create deployment profile in target tenant, add the device to deployment group in target tenant and reboot PC, technician pre-provisions new profile then reseals, user logs in and goes through autopilot process
Can someone confirm that 2 and 3 are valid options, or if there are any methods I am missing? As in I can register a Windows 10 on-prem domain-joined PC to an Azure AD instance (no synchronization) and use autopilot to migrate the PC to being Azure AD joined.
To be honest it seems like going through the autopilot options opens the door for more issues then setting up AD connect and syncing the objects, insure that GPOs and other computer properties are moved over as well, then start cutting ties to the legacy DC servers. The other part to look at is if O365 or other applications are federated with the "old" domain that the applications are prepare to take the new sign in.
If your not creating a new domain and just moving everything to the cloud then you should be able to migrate the domain to the cloud and verify that the computers are authenticating with the cloud. That way you wont have to unjoin or rejoin any computers.