How do I join a device to Azure Active Directory using MECM?

Summary

You can allow your devices to automatically hybrid join through either a new or existing Client Settings policy.

Body

You can allow your devices to automatically hybrid join through either a new or existing Client Settings policy.
 

Configure Client Settings Policy

  1. Navigate to Administration/Client Settings in the Administration Console.
  2. View properties of an existing policy or create a new one.
  3. Check box for Cloud Services, if not already checked.
  4. Click on the tab for Cloud Services on the left of the policy window.
  5. Change the "Automatically register new Windows 10 domain joined devices with Azure Active Directory" to "Yes" in the drop down box.
  6. Click Ok.

 

Make sure to deploy your client settings to your devices for it to apply. After your devices get the policy during their next client refresh, they should automatically enroll in Azure AD as a hybrid joined device.

 

To locally verify that a device is enrolled in Azure AD:

  1. Log onto device
  2. Open a command prompt (does not need to be as an administrator).
  3. Type the following command: dsregcmd /status
  4. At the top of the output, the device should say "YES" for both Azure AD Joined and Domain Joined.

 

NOTE: Azure AD Join can take some time (more than 5 minutes).

 

All information was obtained from Microsoft's official documentation.

 

If you have any questions or issues getting your device to hybrid join Azure AD, please submit an Endpoint Management support request.

Details

Details

Article ID: 709
Created
Fri 1/15/21 7:03 PM
Modified
Tue 10/15/24 12:16 PM