This is going to be a short blogpost on the updated experience on what it looks like for a user doing a out of the box Azure AD Join in the Anniversary Edition of Windows 10. There is a few and cool new things giving the user a much better experience.
One thing to notice is that Convenience Pin is disabled by default for Domain Joined or Azure AD Joined machines. Read on to learn how this affects the users.
In my previous blogpost Intune: Upgrade Windows 10 Edition to Enterprise I was telling how you can configure Microsoft Intune to upgrade your PC’s from Pro to Enterprise Edition. This blogpost is going to show the user experience on how the upgrade itself works from a user perspective with screenshots and explanations. Continue reading
For a while now, Microsoft has been talking about the opportunity to upgrade from Pro to Enterprise Edition of Windows 10 from Intune. The same is for upgrading to Education Edition if you are a School. Finaly this feature has now come to Intune. This means you can upgrade your devices by simple joining them to Azure AD Continue reading
There is a issue on Azure AD Domain joined machines if you want to add AzureAD users to a local group. Lets say you want to enable a user to log on remote to a AzureAD joined machine or you want to add users to the local administrators group. The GUI doesn’t support this at all because you are not able to check for users in the cloud. Continue reading
I have been working with setup of MFA required for enrollement in Intune abit lately and have discovered a couple of things that is not really explained well in the Intune console/documentation.
Enrollment of devices in Intune will in most cases also trigger a device registration in Azure AD. This registration in Azure AD can easily be connected to a MFA requirement by just configure your Azure AD to require MFA for device registration. But this does not apply to all scenarios, so in this blogpost I am going to go into each plattform and explain what happens during enrollment and how the MFA is triggered. I will also cover different options for enrollment of Windows 10 Mobile. Continue reading
Recommended blogpost from Jairo Cadena at Microsoft:
Source: Azure AD Join: What happens behind the scenes?
Azure AD Join was introduced in Windows 10 and allows a Windows 10 device to register with Azure Active Directory (Azure AD) and allows Azure AD users to sign-in to the device using their work credentials or more commonly know as their O365 credentials.
Users on these devices will enjoy Single Sign-On (SSO) to Office 365 or other SaaS applications.
The really cool part is that if this user is working within the corporate network the user can enjoy SSO to on-premises Integrated Windows Authentication based resources as well, provided the organization has enabled this functionality. Continue reading
It has been a while since my last blogpost as I have been on parental leave with my 1 year old son. I have also got a new employment since then and are now working for Lumagate AS in Norway as a Senior Consultant. Over to the important stuff 🙂
Domain joining a PC has been the way for companies in a long time to make sure they have a common identity inside their network and control of the PCs in their network. This does not change with Windows 10. However new possibilities come to play when Azure AD becomes a part of the picture. Continue reading
Microsoft announced today that between today 20th Aug and 31st Aug they will deliver a service update to Intune. You can check when your tenant is scheduled for mainenance on this link when logged into your Intune tenant. View Service Status The link is also available under Admin inthe Intune Console. Continue reading
So I have been testing around a bit with password changes on Windows 10 when my machine is joined to Azure AD. I have testet a few scenarios and would like you share my impressions. All scenarios are based on a Cloud Only enviroment and does not have any connections to an OnPremise AD. Continue reading