Thank you for your time and patience. I was able to test this in my lab and found the following:
- I have a pre-existing Entra ID tenant with some mobile, Entra ID joined, Entra ID registered and Hybrid AD joined Autopilot devices.
- I configured a new on-prem AD and configured the device option to "device writeback".
- I could see only devices which existed in my pre-configured Entra ID tenant were written back to the container.
- No devices which were present in AD and were not Hybrid AD joined or Entra ID joined were duplicated.
Also, device writeback would copy all the device objects which are registered in Entra ID.
So the devices which are pre-registered to Entra ID by any means will be written back; however, device-based CA would be applicable to Windows Hello for Business cert trust enabled devices.
If you don't have any further queries and the suggestion above answers your ask, please "Accept the answer". This will help us and others in the community as well.
Thanks,
Akshay Kaushik
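The lab check described in the answer above can be reproduced with a script that lists what device writeback actually created on-prem and cross-references it against the tenant's device objects by device ID. The following is an added example, not code from the answer's author or from Microsoft. It assumes the RSAT ActiveDirectory module and the Microsoft.Graph PowerShell SDK are installed, that writeback populated `CN=RegisteredDevices` directly under the domain naming context (adjust `$Container` if your deployment differs), and that the written-back objects carry the Entra device ID in the `msDS-DeviceID` attribute of an `msDS-Device` object; the helper name `ConvertTo-DeviceGuid` is my own.

```powershell
# Added example: reconcile Entra Connect device writeback output with Entra ID devices.
# Not part of the original answer. Run on a domain-joined admin workstation.
Import-Module ActiveDirectory
Import-Module Microsoft.Graph.Identity.DirectoryManagement

# ASSUMPTION: writeback container sits directly under the domain NC.
$DomainDn  = (Get-ADDomain).DistinguishedName
$Container = "CN=RegisteredDevices,$DomainDn"

# msDS-DeviceID comes back as raw bytes or as a GUID depending on the provider;
# normalise both to a lowercase GUID string so it matches Graph's deviceId.
function ConvertTo-DeviceGuid {
    param($Value)
    if ($Value -is [byte[]]) { return ([guid]::new([byte[]]$Value)).Guid.ToLower() }
    return ([guid]$Value).Guid.ToLower()
}

# 1. Objects that device writeback produced on-prem (ASSUMPTION: class msDS-Device).
$written = Get-ADObject -SearchBase $Container -LDAPFilter "(objectClass=msDS-Device)" `
    -Properties 'msDS-DeviceID', displayName
$writtenIds = @{}
foreach ($d in $written) { $writtenIds[(ConvertTo-DeviceGuid $d.'msDS-DeviceID')] = $d }

# 2. Device objects in the tenant, including their join type.
Connect-MgGraph -Scopes "Device.Read.All" -NoWelcome
$cloud = Get-MgDevice -All -Property @("id","deviceId","displayName","trustType","operatingSystem")

# 3. Per-device view: which tenant devices were written back, keyed by deviceId.
#    trustType is AzureAd (Entra joined), ServerAd (hybrid joined) or Workplace (registered).
$report = foreach ($c in $cloud) {
    [pscustomobject]@{
        DisplayName = $c.DisplayName
        TrustType   = $c.TrustType
        OS          = $c.OperatingSystem
        WrittenBack = $writtenIds.ContainsKey($c.DeviceId.ToLower())
    }
}
$report | Sort-Object TrustType, DisplayName | Format-Table -AutoSize

# 4. Check for the "no duplicates" observation: any on-prem object in the
#    container with no matching Entra device is a stray and the count should be 0.
$cloudIds = $cloud.DeviceId | ForEach-Object { $_.ToLower() }
$orphans  = $written | Where-Object { $cloudIds -notcontains (ConvertTo-DeviceGuid $_.'msDS-DeviceID') }
"Written-back objects: $($written.Count); without a matching Entra device: $($orphans.Count)"
```

The `WrittenBack` column makes the first bullet testable (every tenant device, whatever its `trustType`, should show `True` once the sync cycle has run), and the final line tests the second bullet: a non-zero orphan count would mean something landed in the container that is not backed by a tenant device object.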