In my organization devices are azure ad registered(intune enrolled)+ domain joined .when i enable entra hybrid join it shows dual state like entra registered(intune) and entra hybrid joined in entra id.How can i make entra hybrid joined to Intune enrolled

2024-06-13T14:27:29.29+00:00

In my organization devices are azure ad registered(intune enrolled)+ domain joined .when i enable entra hybrid join it shows dual state like entra registered(intune) and entra hybrid joined in entra id.How can i make entra hybrid joined to Intune enrolled and removed the entra registered state.Around 1000 devices are their it is difficult form me to manually unenroll intune& entra registered device and enroll to hybrid join and intune enroll.

Microsoft Intune Enrollment
Microsoft Intune Enrollment
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Enrollment: The process of requesting, receiving, and installing a certificate.
1,314 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,710 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,494 questions
0 comments No comments
{count} votes

Accepted answer
  1. Crystal-MSFT 45,911 Reputation points Microsoft Vendor
    2024-06-14T01:53:37.9166667+00:00

    @Srinivas Pasupuleti - CyberSecurity, Thanks for posting in Q&A. From your description, it seems you want to change the Microsoft Entra registered device to Microsoft Entra Hybrid joined. and enroll into Intune. Based on my experience, there's no direct way to do. You need to remove the device from Intune firstly and re-enroll. To retire these devices from Intune, we can choose retire action in Intune portal.

    https://learn.microsoft.com/en-us/mem/intune/remote-actions/devices-wipe#retire

    And you can retire devices in bulk.

    https://learn.microsoft.com/en-us/mem/intune/remote-actions/bulk-device-actions

    After that, ensure all the Microsoft Entra registered devices records are removed in Mcirosoft Entra. if not, delete it in Microsoft Entra portal.

    After all the above are removed, we can plan to do Microsoft Entra Hybrid Joined.

    https://learn.microsoft.com/en-us/entra/identity/devices/hybrid-join-plan

    As a note, to confirm if Microsoft Entra Hybrid Joined successfully, you can run "dsregcmd /status" and check if AzureAdJoined, DomainJoined and AzureAdPrt are all yes.

    https://learn.microsoft.com/en-us/entra/identity/devices/troubleshoot-hybrid-join-windows-current

    Then we can consider doing Intune enrollment. For your scenario, the recommended enrollment method is GPO enroll. Here is a link with more details:

    https://learn.microsoft.com/en-us/windows/client-management/enroll-a-windows-10-device-automatically-using-group-policy

    I notice there are 1000 devices you want to change. To avoid any impact, please firstly test on some devices before we do it on all the devices.

    Hope the above information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

0 additional answers

Sort by: Most helpful