Autopilot Hybrid Azure AD Join
Рет қаралды 22,953
Күн бұрын
@TechConect Жыл бұрын
ChatGPT Tutorial - A Crash Course on Chat GPT for Beginners kzbin.info/www/bejne/o2jOo3-Fqsh4ntU
@JLALALALA Жыл бұрын
That was a good, concise explanation of the process. Our organization is running hybrid AAD in a global tenant and this is pretty much how we do it, scaled up for enterprise with extras like group tags, ztdids, enrollment status page, dynamic azure groups, app bundles. I’d be interested in seeing a well made video of using the group policy remediation tool in real world situations and another for universal print.
@holdfastmackinaw Ай бұрын
I found this video before trying the setup and I am glad I did. It worked perfectly!! Thanks!!!
@nassimelboutaibi4772 7 ай бұрын
You’re the best man!!! Was struggling a lot bro!
@akterCloudPro 19 күн бұрын
Brilliant! Excellent work. I have one question: Is the 'Device Writeback' a mandatory requirement when implementing Windows Autopilot Hybrid Join? What’s its purpose, especially since the Intune connector is used for joining devices to Active Directory?
@TechConect 19 күн бұрын
It is not mandatory and Autopilot should work fine without it.
@lazaromgsp 10 ай бұрын
Thank you so much for all the teachings you've been sharing; it's been very helpful to me. Could you create a video about having two environments running simultaneously in Intune with Autopilot? I'm looking to manage hybrid machines and 100% Azure machines being added simultaneously. I've attempted to replicate this, but I'm having trouble understanding how to do it or getting it to work. Thank you!
@TechConect 10 ай бұрын
You will need to create a second profile for the Azure only Autopilot, I explained it in this video here: Autopilot Azure AD Join kzbin.info/www/bejne/d4e2p5uZia2sbZo
@avinash0072355 7 ай бұрын
Kudos to you, excellent video!
@aubreyporter4080 10 ай бұрын
Great Video!!
@matthunt5022 5 ай бұрын
Excellent video, really helped. I am setting devices up remotely for Hybrid intune. I can see the device in the server and in the cloud but I am not able to sign into the device due to it not being able to communicate with the server. Is there a way like the normal intune that it can sign in with the office 365 credentials rather than the domain credentials?
@TechConect 5 ай бұрын
The device has to contact the DC to authenticate if hybrid joined, you can pre-connect to VPN if this is an option, otherwise if this device will never connect with DC and you want to login with the office 365 credentials then you can watch the video to connect to Azure AD only not hybrid joint
@NileshKelkar87 9 ай бұрын
Hello , nice video. just want to ask, will all on prem Group policies will be applied ?
@TechConect 9 ай бұрын
If you have GPOs inherited or applied to the OU that the session hosts are in then yes they will apply
@NileshKelkar87 9 ай бұрын
@@TechConect ohhhh reallyy......then yes we want to deploy hardening GPOs as well and security policies as well.. but again reconfirming, without user connecting to office network , with this setup all GPOs will get applied ? or user once need to connect office network to apply GPOs ? please give reply
@TechConect 9 ай бұрын
Unless the PC contacts the domain controller to get the GPOs, nothing will apply, so they will need to connect using VPN or be in the office. If they do not connect to the office network at all, then I don't see a value in doing hybrid join, rather you can do Azure AD join and create/apply the policies from intune directly. here is a video that shows you how to setup Azure AD join. kzbin.info/www/bejne/d4e2p5uZia2sbZo
@NileshKelkar87 9 ай бұрын
@@TechConect ok got it..i followed all steps as per your Hybrid autopilot video, but in the last...not able to login into Machine using Domain user.........it is strange..... I am getting error while first time login. "we cannot sign with credential because domain is not available" . do you know how to solve this problem ?
@TechConect 9 ай бұрын
Verify that the Autopilot PC joined the domain by looking into the OU in active directory and if it is, then verify that the PC can reach the domain controller, in my Demo, the PC and domain controller where at the same site
@YvetteNtamon 3 ай бұрын
This is a great video
@BACKSPIN9ball Жыл бұрын
Thanks for another Great video ,everything made complete sense except Since you had 2 deployment profiles How did Intune know to assign Hybrid deployment profile instead of the other one which I can assume was for Non Domain joined PCs. How does Intune know to assign what deployment profile to that specific machine. Are you using some kind of a rule/query
@TechConect Жыл бұрын
I assigned the Intune Devices Group to the Hybrid profile and that's how Intune knows. Please watch the Video again, you will hear me talking about it.
@BACKSPIN9ball Жыл бұрын
@@TechConect that I heard very clearly my confusion came in when I noticed you had 2 deployment profiles. Is the second deployment profile assigned to a second Dynamic device group for example for the standard Azure AD only devices. And if so the 2 DYnamic device groups must be using different queries . And to that note How did your VM know to pick assign itself to which group to get the Hybrid Autopilot deployment profile instead of the 2nd one . I’m trying to be as clear as possible but limited cos English is not a first language but you should understand what am trying to convey Thanks again
@TechConect Жыл бұрын
@@BACKSPIN9ball yes, a different dynamic group, you can create a group using a different query like device name starts with LT-. But generally companies do either hybrid join or azure AD join not both.
@dis1guy Ай бұрын
Im not seeing the white glove pre-provisioning. Will this work on these type of set up?
@TechConect Ай бұрын
yes when creating the profile select yes for option Allow pre-provisioned deployment and it should work
@rajeevbawari7222 8 ай бұрын
very good.
@khez5179 5 ай бұрын
Don’t you need pre login and vpn configuration in order for user to authenticate to the domain to login for the first time? am currently doing this for my org and am testing to see if it will work.
@TechConect 5 ай бұрын
As I explained in the topology I have the PC and the DC at the same location, but if your PC is not then you will need to setup VPN to pre connect
@imtiazali1628 Жыл бұрын
Thank you so much for detailed video can you plz create one video on pre provissioning?
@TechConect Жыл бұрын
There are 2 links in the description that shows how to upload hashes and create a dynamic group
@user-aa40 7 ай бұрын
So with this setup I can deploy local GPOs to it ( printers, drive mappings etc ) and if I get new machines I can deploy Intune App and Config profiles to build the new machines, best of both worlds?
@TechConect 7 ай бұрын
Correct
@ajinkyamali9505 5 ай бұрын
are you not configuring ESP enrollment status page?
@TechConect 5 ай бұрын
I did not configure it in this demo but it’s a good practice to configure it.
@shoaibalichaudhary5675 Жыл бұрын
how much time did it take to reach the windows login screen after putting in your credentials? have you tried pre-provisioning?
@TechConect Жыл бұрын
It took about one hour, the time depends on your location and Internet speed.
@rselva100 Жыл бұрын
For me, device gets stuck in ESP page at account setup ( joining to organisation network) after entering domain cred … i ran the delta sync AD connect but no change it still waits for at the same page
@kisoune4068 3 ай бұрын
Did you find the solution ?
@nery2182 27 күн бұрын
does your device meet the requirements? ESP needs TPM, more than 2 nucleus in your processor, secure boot and 64bits os.
@dewsk1787 5 ай бұрын
I followed all of these steps and it went smoothly, except my test device gets stuck on "please wait while we setup your device..." Any tips? It never populates in the OU I created on AD.
@TechConect 5 ай бұрын
1. Verify that the device can reach the domain controller 2. Verify Intune AD connector is healthy in the portal. 3. Check the event logs on the device for any errors or warnings 4. Verify AD connect is configured for hybrid join 5. Verify the you applied the correct permissions to the OU 6. Test with a Different Device
@madhav06 Жыл бұрын
Exactly where to install Azure AD connector ( in DC or other device)
@TechConect Жыл бұрын
AD Connect can be installed on any domain joined server or DC
@rselva100 Жыл бұрын
why device writeback option is configured in AAD connect..What's the purpose and why it's needed for Hybrid AD join scenarios.
@TechConect Жыл бұрын
Although write-back is not a requirement, however, several times when I did not have it enabled I ran into all kinds of issues including but not limited to having 2 Devices of the same PC in azure without consolidation.
@Sabs761010 Жыл бұрын
can you please confirm if instead to run the script in the OOBE you can configure an intunes auto register in Azure register setup options?
@TechConect 11 ай бұрын
Usually if you are purchasing PCs from a vendor like Dell, they can pre-register them through Microsoft API
@odilonirakoze Жыл бұрын
Thanks for the video but my machine cannot reach the domain
@goncalolizandro8668 9 ай бұрын
did you solve it?
@RINGO1811 Жыл бұрын
Why did you have to run cmd commands?
@TechConect Жыл бұрын
Just to speed things up, but usually AD Connect runs every 1/2 hour
CloudManagement.Community
Рет қаралды 40 М.
MSFT WebCast
Рет қаралды 27 М.