How to test Hybrid joining current on-prem devices to Azure

Justin Lee 221 Reputation points
2023-03-28T00:49:32+00:00

My company wants to hybrid join some current on-prem devices to Azure as a test, to ensure that flipping the switch on AAD Connect won't cause any issues. Is there a way to do this? Are there any issues with converting the whole forest to hybrid if no devices or users have been targeted within Azure groups?

I cannot find good documentation for this.


Accepted answer
  1. Crystal-MSFT 42,796 Reputation points Microsoft Vendor
    2023-03-28T01:32:44.4233333+00:00

    @Justin Lee, Thanks for posting in Q&A. It seems you want to do Hybrid Azure AD join for the devices in your domain.

    As far as I know, before we do Hybrid Azure AD join, we can enable password hash to sync the device and user password to Azure AD. As a test, you can choose one OU containing just the test device and test user to sync to Azure AD. Here is a link with more details:

    https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization#enable-password-hash-synchronization

    After that, configure Hybrid Azure AD using the steps in the following link. In this link, there are two options. One is for managed domain and the other is for federation domain. If there's no federation domain in your environment, you can choose the steps under managed domain.

    https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-hybrid-azure-ad-join

    You can verify the hybrid Azure AD join using the steps in the following link:

    https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-hybrid-join-verify

    Then you can test if anything is affected on the test device. If everything is working, you can enable the password hash for all the devices in the domain to make them Hybrid Azure AD joined.

    If you want to know more about Azure AD Connect or Hybrid Azure AD join, you can contact Azure Active Directory support to get more help.

    Hope the above information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
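
For the verification step in the answer above, a pilot device's join state can be read from dsregcmd /status, where a hybrid-joined device reports YES for both AzureAdJoined and DomainJoined. The following is an added example, not part of the original answer or Microsoft's documentation; the function names, the expected tenant ID and the sample output are constructed for illustration.

```powershell
# Parse "dsregcmd /status" text into a hashtable of field name -> value.
function ConvertFrom-DsregStatus {
    param([string[]]$Lines)
    $state = @{}
    foreach ($line in $Lines) {
        # Fields look like "   AzureAdJoined : YES"; banner lines start with + or |
        if ($line -match '^\s*([A-Za-z]+)\s*:\s*(.*?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }
    return $state
}

# Classify the device and confirm it registered in the expected tenant.
function Get-JoinState {
    param([hashtable]$State, [string]$ExpectedTenantId)
    $aad = $State['AzureAdJoined'] -eq 'YES'
    $dom = $State['DomainJoined'] -eq 'YES'
    $join = if ($aad -and $dom) { 'HybridJoined' }
            elseif ($dom)       { 'DomainJoinedOnly' }   # registration not completed
            elseif ($aad)       { 'AzureAdJoinedOnly' }
            else                { 'NotJoined' }
    [pscustomobject]@{
        JoinState   = $join
        TenantMatch = ($aad -and $State['TenantId'] -eq $ExpectedTenantId)
        DeviceId    = $State['DeviceId']
    }
}

# Constructed sample output (IDs are placeholders, not real values).
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+
             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : YES
                DomainName : CONTOSO
                  DeviceId : 00000000-0000-0000-0000-000000000001
                  TenantId : 11111111-1111-1111-1111-111111111111
'@ -split '\r?\n'

$expected = '11111111-1111-1111-1111-111111111111'   # assumed tenant ID
Get-JoinState -State (ConvertFrom-DsregStatus $sample) -ExpectedTenantId $expected

# On a real test device, replace $sample with the live output:
#   Get-JoinState -State (ConvertFrom-DsregStatus (dsregcmd /status)) -ExpectedTenantId $expected
```

A result of DomainJoinedOnly on a pilot machine means the device has not completed registration, which is worth checking before widening the sync scope beyond the test OU.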
