![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 71%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,195 questions
Thank you for posting your query on Microsoft Q&A, as per above description it seems like your end users are not able to login with there on prem UPN on Hybrid AD join devices with personal network.
Please do correct me if this is not the case by responding in the comments section.
Yes, this is true you could login with your on-prem creds when devices become hybrid AD join. However, you need to review on-premises AD users UPN support for Microsoft Entra hybrid join.
- If on-premises AD users UPNs are different from your Microsoft Entra UPNs. In these cases, Windows 10 or newer Microsoft Entra hybrid join provides limited support for on-premises AD UPNs based on the authentication method, domain type, and Windows version. There are two types of on-premises AD UPNs that can exist in your environment.
- You may also verify Microsoft Entra hybrid join state of 2 or 3 impacted devices.
- Also if the devices haven't been in the domain network for considerable time then you need to bring them in as:
Microsoft Entra hybrid joined devices require network line of sight to your on-premises domain controllers periodically. Without this connection, devices become unusable. If this requirement is a concern, consider Microsoft Entra joining your devices.
Thanks,
Akshay Kaushik
Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.