Joining existing device to Azure AD

Halogeen 231 Reputation points

Which ways would be possible to get an existing device with Windows 10 1809 LTSC (member of an Active Directory) managed via Intune - and how can the user then log in with their Azure AD credentials?

I already figured out that executing a provisioning package isn't a solution: I always get the error "0x8007000D". Found out it has something to do with the LTSC version, which isn't able to execute those provisioning packages.

In my opinion the only way is to "Enroll only in device management" (screenshot). But in order to do that I have to type in the Administrator account of the AD domain. The AD domain will be turned off in the future, so we don't want to do hybrid join, and no enrollment via GPO.

The next question I have is: When enrolling that device with "Enroll only in device management", my device has a connection to AD and MDM. Is that a problem? Should I delete the connection to the on-premises world first?

Last question: What do I need to do in order to enable a user to then log in with their Azure credentials?



3 answers

  1. Nick Hogarth 3,431 Reputation points

    A device can't be joined to both on-prem AD and Azure AD. It would need to be unjoined from the on-prem domain first, then joined to Azure AD (make sure there is a local user admin account and be careful of data loss for profiles etc.). "Enroll only in device management" will enrol the device in Intune (and register it in Azure AD but not join Azure AD).

  2. Pa_D 1,066 Reputation points

    1) Use a script to collect the hardware hash.
    2) Add it to Autopilot.
    3) Do a reset of the device, and go through the Autopilot OOBE scenario.

    Since you are moving away from AD, use Autopilot with Azure AD Join.

  3. Crystal-MSFT 36,761 Reputation points Microsoft Vendor

    @Halogeen, from your description, it seems you want to migrate from on-premises AD to Azure AD. If there's any misunderstanding, feel free to let us know.

    Based on my research, I find an article for the reference:
    Note: Non-Microsoft link, just for the reference.

    If you want to know more about the migration, please contact Azure AD support with tag "azure-active-directory":

    For Intune enrollment, there are many methods, we can choose one in our environment:

    Hope it can help.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

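To check which of the states discussed in the first answer a device is actually in (on-prem AD joined, Azure AD joined, or only registered) before and after a migration step, the flags printed by `dsregcmd /status` can be classified as below. This is an added example, not code from the thread: the function name `Get-JoinState` is hypothetical, the sample text is constructed, and the mapping from flags to labels is the usual reading of the `AzureAdJoined`, `DomainJoined` and `WorkplaceJoined` fields.

```powershell
# Added example: classify a device's join state from `dsregcmd /status` text.
# Get-JoinState is a hypothetical helper name, not a built-in cmdlet.
function Get-JoinState {
    param([Parameter(Mandatory)][string[]]$StatusText)

    # Collect "Name : YES|NO" pairs; dsregcmd pads the names with spaces.
    $flags = @{}
    foreach ($line in $StatusText) {
        if ($line -match '^\s*(\w+)\s*:\s*(YES|NO)\s*$') {
            $flags[$Matches[1]] = ($Matches[2] -eq 'YES')
        }
    }

    # A missing flag is treated as NO.
    $aad    = [bool]$flags['AzureAdJoined']
    $domain = [bool]$flags['DomainJoined']
    $reg    = [bool]$flags['WorkplaceJoined']

    if     ($aad -and $domain) { 'Hybrid Azure AD joined' }
    elseif ($aad)              { 'Azure AD joined' }
    elseif ($domain -and $reg) { 'On-prem AD joined + Azure AD registered' }
    elseif ($domain)           { 'On-prem AD joined only' }
    elseif ($reg)              { 'Azure AD registered only' }
    else                       { 'Not joined or registered' }
}

# Constructed sample resembling the relevant lines of `dsregcmd /status`
# on a domain member that has not been joined to Azure AD.
$sample = @'
| Device State |
  AzureAdJoined : NO
  EnterpriseJoined : NO
  DomainJoined : YES
| User State |
  WorkplaceJoined : YES
'@ -split "`r?`n"

Get-JoinState -StatusText $sample

# On a real device, feed it the live output instead:
# Get-JoinState -StatusText (dsregcmd /status)
```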