Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Azure AD and On Prem AD - Can Group Policy Co-Exist?

Iron Contributor

Hello all,


I am looking to roll out some surface tablets that will rarely, if ever be in the office / connected to our network.  As a result, my plan is to Azure AD Join (and enroll in EMS) these devices but not join them to on-prem ADDS.


I have been doing some digging into Azure AD Group Policy -- can this co-exist with my on-prem GPOs?  I know that I only get 1 GPO in Azure - but my thought would be to spin up an Azure VM, install GPMC so I can manage the GPO for these tablet / cloud only devices.


Or is there a better way?




2 Replies

Azure AD Join does *not* support GPOs. Azure AD Domain services does, and is limited to the one as you've read. The two are different features however, we discussed this recently here:


Depending on the kind of settings you want to enforce, Office 365 MDM or Intune might be useful.

Thank you for clearing this up.