On-prem AD devices joining to Azure AD - confused on Windows 10 vs Server devices supported

John Q 11 Reputation points
2022-01-28T05:06:17.833+00:00

We have an on-prem AD environment with Windows 10 joined devices. We want to also join them to Azure AD so we can manage them with Intune.
From what I understand, you configure Azure AD Connect and deploy a GPO to enroll them.
What I'm confused about is whether that includes Server OSes -- are we going to see a bunch of server name objects showing up in Azure AD as registered or joined that don't need to be?
At this page https://learn.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan#review-supported-devices it is saying servers are supported. Is that referring to a GPO that enrolls/joins the systems into Azure AD if they're on-prem AD whether they're Windows or Server?


1 answer

  1. Nick Hogarth 3,521 Reputation points Volunteer Moderator
    2022-01-28T05:43:06.04+00:00

    A device can't be joined to an on-prem domain and Azure AD Joined. Sounds like you are referring to enabling Hybrid Azure AD Join (which is just joining the on-prem domain and registering in Azure AD).

    Servers can't enroll in Intune, but depending on your configuration, they may get Hybrid Azure AD Joined, which isn't a bad thing. Do you have any specific concerns?

    That link refers to enabling Hybrid Azure AD Join (not enrolling into Intune). There is a separate GPO to enroll devices into Intune, and that's only for Windows 10/11 and not Server. https://learn.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy

    2 people found this answer helpful.
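
The distinction drawn in the answer above (Hybrid Azure AD Join state versus eligibility for the Intune enrollment GPO) can be checked per machine from `dsregcmd /status` and the OS product type. This is an added example, not part of the original thread; `Get-JoinState` and its output property names are hypothetical, and the sample status lines are constructed.

```powershell
# Added example: classify a device's join state and whether the Intune
# auto-enrollment GPO is relevant to it. Function and property names are hypothetical.
function Get-JoinState {
    param(
        [Parameter(Mandatory)] [string[]] $DsregOutput,  # lines from: dsregcmd /status
        [Parameter(Mandatory)] [int]      $ProductType   # Win32_OperatingSystem.ProductType
    )

    # Collect "Name : Value" pairs; banner and separator lines do not match.
    $state = @{}
    foreach ($line in $DsregOutput) {
        if ($line -match '^\s*(\w+)\s*:\s*(.+?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }

    $aad = $state['AzureAdJoined'] -eq 'YES'
    $ad  = $state['DomainJoined']  -eq 'YES'

    if ($aad -and $ad) { $join = 'Hybrid Azure AD joined' }
    elseif ($aad)      { $join = 'Azure AD joined' }
    elseif ($ad)       { $join = 'On-prem domain joined only' }
    else               { $join = 'Not joined' }

    # ProductType: 1 = workstation (client OS), 2 = domain controller, 3 = server.
    $isClient = $ProductType -eq 1

    [pscustomobject]@{
        JoinState          = $join
        OsRole             = if ($isClient) { 'Client' } else { 'Server' }
        # The enrollment GPO targets Windows 10/11 clients only, so a hybrid-joined
        # server is registered in Azure AD but is not an Intune enrollment candidate.
        IntuneGpoCandidate = ($join -eq 'Hybrid Azure AD joined') -and $isClient
    }
}

# Constructed sample of the relevant status lines (not captured from a real host).
$sample = @(
    '             AzureAdJoined : YES'
    '          EnterpriseJoined : NO'
    '              DomainJoined : YES'
)
Get-JoinState -DsregOutput $sample -ProductType 3   # evaluated as a member server

# On a live machine:
# Get-JoinState -DsregOutput (dsregcmd /status) `
#     -ProductType (Get-CimInstance Win32_OperatingSystem).ProductType
```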
