Share via

Adding windows 10 PC to azure active directory

Avinash Mohod 1 Reputation point
2021-01-27T23:06:54.343+00:00

I am designing AD solution for small company having 5 users. I am looking at option to add users PC directly to Azure AD instead of installing on-premise AD. I need confirmation if we can do that. if it is possible, do we need configure any additional services or servers on Azure side to make it work. Also which firewall ports need to opened so that user sitting in office can get authenticated with Azure AD.

Microsoft Security Microsoft Entra Microsoft Entra ID
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Abhijeet-MSFT 546 Reputation points Microsoft Employee
    2021-01-28T09:26:30.393+00:00

    Hi @Avinash Mohod , you can definitely go ahead and add the device to your Azure AD. Make sure that you have enabled the option for "Users may join devices to Azure AD" (https://learn.microsoft.com/en-us/azure/active-directory/devices/device-management-azure-portal#configure-device-settings). Secondly, the computer can be joined to Azure AD domain during the Windows 10 setup or after the setup is completed. These steps need to be completed by the user (https://learn.microsoft.com/en-us/azure/active-directory/user-help/user-help-join-device-on-network). For ports, you need allow network connectivity to URL's listed under point 56 of https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#microsoft-365-common-and-office-online

  2. Avinash Mohod 1 Reputation point
    2021-01-28T13:10:15.037+00:00

    Thank you for response. Regarding the ports need to opened...I believe it will only be opened from windows 10 client to Azure. Do we need to open any ports from Azure to internal network?

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.