Device Azure AD Join with Azure AD Free

Alberto Sartor 25 Reputation points
2023-06-12T22:02:17.39+00:00

Is it possible to do Azure Ad Join device without having Azure AD P1 licenses and without having any mdm?

Simply having all M365 Business Standard and Basic licenses, therefore Azure AD Free.

If yes, what are the limits? Obviously there will be no device management or conditional access.

Thank you

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments No comments
{count} votes

Accepted answer
  1. Sandeep G-MSFT 20,906 Reputation points Microsoft Employee Moderator
    2023-06-13T07:53:27.4766667+00:00

    @Alberto Sartor

    Yes, it is possible to perform Azure AD join with M365 Business Standard and Basic licenses, or Azure AD Free edition.

    With this you can surely join your device to Azure AD. But managing device in Intune is not possible.

    To manage device in Intune you need one of the following,

    • Microsoft 365 E5
    • Microsoft 365 E3
    • Enterprise Mobility + Security E5
    • Enterprise Mobility + Security E3
    • Microsoft 365 Business Premium
    • Microsoft 365 F1
    • Microsoft 365 F3
    • Microsoft 365 Government G5
    • Microsoft 365 Government G3
    • Intune for Education

    https://learn.microsoft.com/en-us/mem/intune/fundamentals/licenses

    Yes, you will not be able to use conditional access policy as well. Because for conditional access policy the basic requirement is Azure AD Premium P1.

    The cheapest plan for adding your computers to Azure Active Directory (Azure AD) is the Azure AD Basic plan. This plan includes the following features:

    • User and group management: Create, manage, and delete users and groups, and manage group membership.
    • Authentication and access control: Control access to cloud and on-premises resources, and authenticate users with multi-factor authentication (MFA).
    • Device management: Join devices to Azure AD and manage them with conditional access policies.
    • Application management: Control access to cloud and on-premises applications, and enable single sign-on (SSO) for users.
    • Self-service password reset: Allow users to reset their own passwords without the need for IT assistance.

    Let me know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.