Hybrid Azure AD join benefits without Intune?

EnterpriseArchitect 5,516 Reputation points
2021-09-30T11:15:58.377+00:00

Hi Folks,

I am using Azure AD Connect to sync my on-premises AD DS to Azure AD Premium P2 as part of my Hybrid Exchange environment.

I wonder what the benefits and disadvantages will be of using Hybrid Azure AD join for all of my existing domain-joined workstations (laptops and tablets)?

https://learn.microsoft.com/en-us/azure/active-directory/devices/plan-device-deployment#hybrid-azure-ad-join

I do not have an Intune license yet, hence I am wondering what the benefits are of doing these additional steps of joining Azure AD.

Any help and comments will be greatly appreciated.


2 answers

  1. Paul van Berlo 821 Reputation points
    2021-09-30T11:38:10.663+00:00

    Even without having the devices enrolled in Intune, you'll get certain benefits. These are listed specifically on this page. You will basically get these features:

    Key capabilities

    1. SSO to both cloud and on-premises resources
    2. Conditional Access through Domain join or through Intune if co-managed
    3. Self-service Password Reset and Windows Hello PIN reset on lock screen
    4. Enterprise State Roaming across devices

    Obviously by extending it with Microsoft Endpoint Manager/Intune you'll get even far greater control over these devices, but there's nothing stopping you from setting this up already to leverage things like SSO, SSPR etc.

    2 people found this answer helpful.

  2. Limitless Technology 39,731 Reputation points
    2021-10-01T08:12:51.447+00:00

    EnterpriseArchitect

    Organizations with existing Active Directory implementations can benefit from some of the functionality provided by Azure Active Directory (Azure AD) by implementing hybrid Azure AD joined devices.

    These devices are joined to your on-premises Active Directory and registered with Azure Active Directory.

    Hybrid Azure AD joined devices require network line of sight to your on-premises domain controllers periodically. Without this connection, devices become unusable. If this requirement is a concern, consider Azure AD joining your devices.

    To get to know more about Hybrid Azure AD joined devices, do check out the below link

    https://learn.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-join-hybrid

    ---------------------------------------------------------------------------------------------------------------------

    Hope this answers all your queries, if not please do repost back.
    If an Answer is helpful, please click "Accept Answer" and upvote it : )
