Azure AD Hybrid cloud kerberos trust - not working

GonWild 426 Reputation points
2022-10-04T11:59:19.66+00:00

Hi,

https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust?tabs=intune

I tried setting this up. It's not working as client(AAD join only) cannot get a ticket(it got the settings I set up 'Cloud trust for on-premise auth policy Enabled: True).

One domain only, Win2022 DCs.

Get-AzureADKerberosServer list half of attributes empty-->

CloudDisplayName :
CloudDomainDnsName :
CloudId :
CloudKeyVersion :
CloudKeyUpdatedOn :
CloudTrustDisplay :

Any idea?

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,943 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,422 questions
{count} votes

1 answer

Sort by: Most helpful
  1. GonWild 426 Reputation points
    2022-11-30T07:32:33.187+00:00

    In case someone else encounters this:

    We managed to solve this by running the Set-AzureADKerberos server command again, using a user that was synced from on-prem, and also assigned global admin rights to our tenant.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.