User Profile
IvoDuarte
Copper Contributor
Joined 8 months ago
Recent Discussions
Re: Hybrid Join Process - Question
Arne_Tiedemann, thanks for your time reading and replying to my post 👍

In my organization we have hybrid join working with SCP set in the Forest configuration. The targeted deployment of Microsoft Entra hybrid join looks like a good approach too, thx for sharing! Here, everything is running and working fine. 🙂

I still have some doubts because I did a test where it seems to me that Entra Connect was not used for anything. Let me explain my test:

I've joined a device/computer into on-prem AD, out of the Organizational Unit synchronized by Entra Connect.
Entra Connect worked fine, it did not synchronize the device... as expected! Also the device is not in the Metaverse, so far so good...
A user signed in on the computer.
The Automatic-Device-Join task ran.
The computer userCertificate attribute was populated.
I can see the device in Entra ID portal.

That's why I'm not understanding the role of Entra Connect in the process. Following Microsoft documentation (How Microsoft Entra device registration works - Microsoft Entra ID | Microsoft Learn):

Step D --> is not making sense to me in my test...

Step G --> The task sends a device registration request to Azure DRS that includes the ID token, certificate request, tkpub, and attestation data. Azure DRS validates the ID token, creates a device ID, and creates a certificate based on the included certificate request. Azure DRS then updates the device object in Microsoft Entra ID and sends the device ID and the device certificate to the client.

I would say that Azure DRS updates the device object but it also creates a device object in case it does not exist in Microsoft Entra ID.

Anyway, I was just trying to clarify this. I'm not facing any issues with the process on a daily basis, objects are synced and joined, so far so good... but I was just wondering what the role of Entra Connect is after all in this specific process...

Once again thx for replying,
All the best!!
Ivo

402 Views, 0 likes, 3 Comments

Hybrid Join Process - Question
Hello all,

I'm looking for information regarding the Hybrid Join process because it is not clear to me. This is what I have:

Entra Connect syncs what I have under the OU I have specified in its configuration.
I have joined a new device to on-prem AD, out of that OU, therefore Entra Connect will not sync the device.
The device can reach the Microsoft endpoints (Network connectivity requirements accomplished)

What happens when Entra Connect does not sync the device but the Automatic Device Join task is triggered? Will it become hybrid joined even without Entra Connect having synced it?

I have read this:

Hybrid join is a process initiated from the device itself and Azure AD. Hybrid Join does not depend on, nor is able to be achieved from Azure AD Connect, though AAD Connect does stage the device in Azure, allowing policies to be more immediately applied and AAD Connect

Is this correct? So, when Entra Connect syncs the device, the purpose is only to, let's say, provision the device in Entra ID? If Entra Connect does not sync the device, will Hybrid Join happen no matter what?

The process is documented here: How Microsoft Entra device registration works - Microsoft Entra ID | Microsoft Learn, but I still have doubts 😞

Many thanks!
Best regards,
Ivo Duarte

507 Views, 0 likes, 6 Comments