Forum Discussion
Azure AD Conditional Access - Require Domain Joined Device
Does the ‘Domain Join’ checkbox in Azure AD Conditional Access require Azure AD Domain join, or does it mean on-premises Domain Join? The attached screen shot says ‘Not Azure AD Domain Join’ but the ...
- Correct, that would be on-prem AD domain-join.
Why it's confusing is because it's possible to have on-prem AD domain-joined PCs automatically register and enroll with Azure AD.
Not really, though from memory you can enroll Windows 7 devices into Intune, which would implicitly register them. Though if you're going to go through that, you may as well set up Hybrid AAD Join.
One additional question:
What about shared workstations for shift workers? Will the same device be registered in Azure AD for every user individually after sign-on?
What about shared workstations for shift workers? Will the same device be registered in Azure AD for every user individually after sign-on?
If you're registering devices, then yes though in my experience if you're Hybrid AAD Joining then a user object won't get associated with a device object which I found strange.
