Join a device to UIC's Azure Active Directory through the use of a Group Policy Objects and verify that the device has successfully entered a hybrid join state.
This only applies to Windows devices.
Add the following setting to a group policy object linked to your devices:
- Navigate to: Computer Configuration > Policies > Administrative Templates > Windows Components > Device Registration.
- Edit "Register domain-joined computers as devices" and set it to enabled.
- Click Apply and OK.
NOTE: if you don't have any blank GPOs available and would like to request one for this, please submit an Active Directory service request and select "Request new GPOs for your department".
Force policy refresh on your client:
- Log onto device.
- Open a command prompt.
- Type the following command: gpupdate /force
OR
- Reboot device.
NOTE: You can also wait for the device to refresh policies, instead of forcing a refresh, which can take up to an hour.
To verify that a device is enrolled in Azure AD:
- Log onto device
- Open a command prompt (does not need to be as an administrator).
- Type the following command: dsregcmd /status
- At the top of the output, the device should say "YES" for both Azure AD Joined and Domain Joined.
NOTE: Azure AD Join can take some time (more than 5 minutes).
All information was obtained from Microsoft's official documentation.
If you experience any issues with Azure AD hybrid join, please submit an Endpoint Management support request.