cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Hybrid identity and device ownership inconsistency

aghi234
Copper Contributor

‎Apr 23 2020 07:00 PM

‎Apr 23 2020 07:00 PM

Hybrid identity and device ownership inconsistency

We're in the process of rolling out Intune. Today we noticed several windows devices didn't show up in Devices in Azure AD under their User. Some windows devices were marked as Azure AD registered for join type, others still have Hybrid Azure Joined. In both cases, Owner is marked  N/A

At Intune portal these device show up as managed by Intune with the correct user for enrolled by

 

Anyone see this? Is this an expected behavior?

Any reason these devices are changing their join type? why would the user owner disappear?

9,148 Views
0 Likes
5 Replies
Reply
5 Replies
best response confirmed by aghi234 (Copper Contributor)
ChristianBergstrom

‎Apr 24 2020 12:58 AM - edited ‎Apr 24 2020 01:14 AM

‎Apr 24 2020 12:58 AM - edited ‎Apr 24 2020 01:14 AM

Solution

Re: Hybrid identity and device ownership inconsistency

@aghi234 

Let me get back to you (old info in MS docs).

*edit*

 

The first info I attached didn't have the correct information. I will report it to MS.

 

But this do have the correct info so take a look here and it will explain the behavior:

"Windows 10 devices that are hybrid Azure AD joined don't show up under USER devices. Use the All devices view in the Azure portal"

https://docs.microsoft.com/en-us/azure/active-directory/devices/faq

 

Also, take a look at this for general information https://docs.microsoft.com/sv-se/azure/active-directory/devices/overview

 

1 Like
Reply
Thijs Lecomte

‎Apr 24 2020 06:51 AM

‎Apr 24 2020 06:51 AM

Re: Hybrid identity and device ownership inconsistency

Could you tell us more about your current environment?

Are your devices joined to an on-prem AD and then hybrid joined?
0 Likes
Reply
aghi234

‎Apr 24 2020 07:48 AM

‎Apr 24 2020 07:48 AM

Re: Hybrid identity and device ownership inconsistency

@ChristianBergstromThanks for clarifying! It's still frustrating since the devices show up in Intune but not Azure AD

 

@Thijs Lecomteyes, devices are joined on-prem and then hybrid-joined by pushing a group policy  

0 Likes
Reply
Thijs Lecomte

‎Apr 26 2020 08:21 AM

‎Apr 26 2020 08:21 AM

Re: Hybrid identity and device ownership inconsistency

If they are on-prem joined.
All of your devices should sync as 'hybrid azure ad joined' in the end.
I assume you have configured AAD connect to enable hybrid azure ad join?
https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan

If a device is aad registered, starting from Windows 1803 the registered device should automtically be cleanup and it should Hybrid join. (https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan#handling-de...).

If your devices are not 1803, you might need a manual cleanup
1 Like
Reply
cjsanto

‎Feb 01 2021 06:24 PM

‎Feb 01 2021 06:24 PM

Re: Hybrid identity and device ownership inconsistency

Hi @aghi234 

 

I am working on BitLocker management with Intune policy on hybrid Azure join device. We have on-prem AD that is connected to Azure AD and sync the device using AD connect.

 

According to MS that hybrid join device doesn't have ownership. But we saw in some situations that the ownership transfer to hybrid dedvice after we click Fix It button when MS Account shared experienced error message popped up.

 

If this is an expected behavior is there a way to automate the verification rather than ask user to click Fix it button. 

 

We also noticed that the recovery key process tried to backup the key to on-prem AD which sometime created challenge because some user are working remotely and not connected through vpn all the time. 

 

Thanks.

cjsanto 

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by aghi234 (Copper Contributor)
ChristianBergstrom

‎Apr 24 2020 12:58 AM - edited ‎Apr 24 2020 01:14 AM

‎Apr 24 2020 12:58 AM - edited ‎Apr 24 2020 01:14 AM

Solution

Re: Hybrid identity and device ownership inconsistency

@aghi234 

Let me get back to you (old info in MS docs).

*edit*

 

The first info I attached didn't have the correct information. I will report it to MS.

 

But this do have the correct info so take a look here and it will explain the behavior:

"Windows 10 devices that are hybrid Azure AD joined don't show up under USER devices. Use the All devices view in the Azure portal"

https://docs.microsoft.com/en-us/azure/active-directory/devices/faq

 

Also, take a look at this for general information https://docs.microsoft.com/sv-se/azure/active-directory/devices/overview

 

View solution in original post

1 Like
Reply