question

RichardSincennes-8904 avatar image
0 Votes"
RichardSincennes-8904 asked MarileeTurscak-MSFT answered

Identify non hybrid joined devices

Hello,

We need to identify the devices that have not been hybrid joined in our organization. I know on a given computer you can run the command DSREGCMD /Status and look for AzureADjoined: No & DomainJoined: Yes.

I was wondering if there was a way to get all the devices that would have AzureADjoined: No from Azure AD ?

Is there a Reg Key or Event Viewer entry that can be queried on the device that would show the AzureADJoined fail ?

Thanks,
Richard

azure-ad-hybrid-identity
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered

There isn't anything out-of-the-box for this that I'm aware of, but as you mentioned, you can run dsregcmd /status and then return a boolean that shows if the device is compliant (hybrid joined) or non-compliant (non Hybrid Joined). There is an example of this in this related Reddit thread, Collection for Hybrid Joined Devices.

You could also probably create some custom script to filter out the non-domain joined devices. There is an example of the opposite query here.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.