Joining mulitiple computers to Azure Active Directory

Question

I am with a local IT Company

I am joining multiple computers from different companies to the Azure Active Directory. My question is for best practice, should I use our Administrative account to join to the Domain in our local Admin Account and then switch to get the users to login with their email address and password on the main screen or do I get the user that is primarily using the computer login to the Azure Active Directory as an Administrator in the local Admin Account and then switch accounts and allow him to login in.

I am using a local Admin account and then going to Edit Users and Access Work or School to connect to the Azure Active Directory.

I am afraid that if we deactivate the users account that we signed into the Azure Active Directory it will take the computer out of sync with Azure Active Directory. Also it is instantly making that person an Administrator when adding their email via access work or school/connect to Azure Active Directory. So some concerns too.

Just looking for best practices as well as answers.

Thanks

Answer 1

Hi @Jason Fritz , I recommend Bulk enrollment for Windows 10. This will allow you to join the devices to Azure AD without providing admin rights to primary user. You can also use the autopilot feature for joining Windows 10 machines to Azure AD. Refer to this page for comparison between join options. I hope this helps! Please let me know if you have any questions.

If this answer helped you, please mark it as "Verified" so other users may reference it.

Thank you,
James