I am with a local IT Company
I am joining multiple computers from different companies to the Azure Active Directory. My question is for best practice, should I use our Administrative account to join to the Domain in our local Admin Account and then switch to get the users to login with their email address and password on the main screen or do I get the user that is primarily using the computer login to the Azure Active Directory as an Administrator in the local Admin Account and then switch accounts and allow him to login in.
I am using a local Admin account and then going to Edit Users and Access Work or School to connect to the Azure Active Directory.
I am afraid that if we deactivate the users account that we signed into the Azure Active Directory it will take the computer out of sync with Azure Active Directory. Also it is instantly making that person an Administrator when adding their email via access work or school/connect to Azure Active Directory. So some concerns too.
Just looking for best practices as well as answers.