Hi folks, hope you can help - I've been turning up a blank for my question everywhere I look.
I would like to turn off traditional cached credentials and use AAD login/password to access the laptop when on-domain and off-domain, but I simply cannot find information on whether this is possible or not.
- I have a normal AD domain joined laptop.
- Traditionally, I would use cached credentials to be able to log in when "off-domain".
- We also have ADConnect with Password Hash set up.
So:
- When attached to the corp network, I would like to log in with normal login (domain\user) or the Azure style UPN (user@keyman.com) and access all on-domain resources. I don't mind if we have to move to UPN only.
- When roaming (off corp network) I would still like to be able to log in with the same UPN, so I can get access to my local profile on the laptop, and access any resources that are still presented through AAD.
I have a hybrid joined laptop, but it will not let me log in as the user off domain (states that domain could not be contacted, as it's looking for my on-domain AD server it seems).
Is it possible? How can I achieve this?
Thanks