In this Article,We will see how to Sync Devices which are On-Premises domain joined computers to sync to Azure AD as Hybrid domain joined computers. How to install AADConnect using the Express Installation, Please refer the Article How to install AADConnect using the Express Installation,Please refer the Article
Let’s begin the configuration,
Click on Azure AD Connect to begin the configuration.
Select Configure Device Options and Click on Next
Read about what is Hybrid Azure AD Joined and Device Writeback and click on Next
Note: in this Article, we are not going to see Device Writeback
Enter Azure AD Global Administrator Account Credentials and Click on Next
Select Configure Azure AD Join and Click on Next
Enter the Details to add the SCP(Service connection point) in the On-Premises Active Directory. It is very much required to do the Hybrid domain join in the backend without users invention.
Enter the Active Directory Enterprise administrator Account Credentials
You can enable the SCP by running the configuration or else you can download the Script to get it enabled in later stage
Select the device types you need to enable the Hybrid AD domain join
Click on Configure to begin the Configuration
All the elevations done to sync the devices. but that is not enough, we need to do few more additional steps to make this to work.
Post configuration tasks for Hybrid Azure AD join
1. Set Azure AD policy for Windows down-level devices • Log-in to your account in the Azure portal. • Go to: Azure Active Directory > Devices > Device settings • Set “Users may register their devices with Azure AD” to ALL and Click on Save
2. Configure group policy to allow device registration
Create a Group Policy Obeject or enable the below settings in the domain based Group Policy.
<Edit & go to:Computer Configuration > Policies > Administrative Templates > Windows Components > Device Registration
3. Initialize ADSyncDomainJoinedComputerSync
You need to type Azure AD Directory sync Account,
Initiate full sync using the below command, Start-ADSyncSyncCycle -PolicyType Initial
Post that all the Applicable Devices based on the OS Versions it will start to Hybrid AD domain Join.