I have successfully have my device showing as 'Hybrid Azure AD joined' but the Owner is now blank. How do you get the to populate again?
Windows 10 devices that are hybrid Azure AD joined don't show up under USER devices. Use the All devices view in the Azure portal. You can also use a PowerShell Get-MsolDevice cmdlet.
Only the following devices are listed under USER devices:
All personal devices that aren't hybrid Azure AD joined.
All non-Windows 10 or Windows Server 2016 devices.
All non-Windows devices.
Reference document.
Related
For a small office with 5 to 8 PCs I want to setup a central windows login like with a windows domain/AD.
There is a NAS for shared folders in place to store data.
I want to grant permissions on the NAS per user based on two groups – so a very simple setup.
What would be the easiest / simple way to setup?
Windows Server? A linux server with SMB? Azure AD DS? Or anything else?
Thanks for your ideas
If your NAS supports it, Azure AD (not Azure AD DS).
If your NAS dont support it, go all the way with Office365 and store files in the cloud with local sync and use softlinks.
How does microsoft intune changes password policies in enrolled windows 10 pc without changing any registry or group policy settings? When these settings are controlled by a domain controller the changes can be observed in registry or group policy which helps a compliance testing tool to figure out if the settings have been set as per guidelines. How is a compliance testing tool expected to test the settings when they are managed by intune?
IF your devices is Azure AD join then there is no domain controller and it is directly joined to the Azure Active directory. In Intune you can create a compliance policy to manage your organizational resources. As part of your mobile device management (MDM) these settings are added to device configuration profile in Intune and then assigned to your windows 10 devices.
If you want to monitor the device compliance kindly check the document to get more information
If your machine is Hybrid Azure AD join then either you can have Configuration Manager standalone or co-management with Microsoft Intune. But for the password it will be on domain-controller only.
I've inherited a mess from the IT "professional" I replaced and have been unable to successfully lobby for resources to setup a proper domain. I have Windows 10 PC's that are configured as "organizational" PC's not Personal, which allows our users to sign-in with their office365 accounts.
However when they do this they are logged in via AzureAD\ Domain, I'm certain this is the reason they cannot access the shared drives my organization has been using. I would very much like to keep using this AzureAD setup but if I cannot access local network resources it won't work for me.
I've searched around but maybe I haven't been asking the right question to find a solution to my problem, or it's possible one doesn't exist which would be unfortunate.
Has anyone ran into this issue?
Is there a way to access non-AzureAD domain resources from an AzureAD\User Account?
You will need a DC (a virtual machine (VM) in the cloud or a physical server).
That DC has Azure Active Directory (AAD) Connect installed and configured on it. That creates an account in AD that synchronizes accounts and passwords with AAD.
When a computer joined to AAD logs in it sends the login request to AAD. AAD then validates that authentication request against the information synchronized from AD.
If you have workstations and laptops joined to AAD and they try to access a share on a server that is in a different domain than what AAD synchronizes with you are going to need to provide credentials that exist in the server which hosts the resources, you are trying to access.
There are a few right ways to do this as,
If the clients are in a single location and will always be in the same location as the DC then join them to the domain regularly. For clients that will be used in other locations join those computers to AAD and install AAD Connect in the DC.
If you want to move all the servers out of your office spin up a VM for your DC in Azure and deploy a cloud firewall in front of your VM. Create a Site-to-Site Virtual Private Network (VPN) between the cloud firewall and your office firewall. Now join computers that will always be in the office to the domain like normal, join computers that are going to be used remotely to AAD, and install AAD Connect on the DC.
Refer: Windows 10 AAD Azure ad domain joined & SMB share, where similar discussion has been done
I want to automate the following scenario:
I need install a 3rd party software. During this installation, i need to provide the following info:
AD domain name
AD domain controller IP
AD domain username
AD domain password.
If I provide the above info, software will fetch user info from AD.
Instead of creating a separate AD server in another machine, I want to setup a AD setup in my Windows 7 PC itself.
I have tried AD LDS. But I am unable to get info about how to setup the above FOUR parameters.
Any idea on how to solve this issue?
Is there any open source tool to configure the above setup in Windows 7?
I have a windows phone 8 app, I want to link the app user's accounts with their accounts in an active directory.
Is there a way/SDK/service that enables the users to communicate with the active directory server to make use of the roles and identities ?
thanks
A newer approach is to use Azure Active Directory to host (or mirror) your AD roles and identities then make them accessible via an API for apps to consume...
Setting up an Active Direct Forest in Azure
Setting up REST Services (can be used with Windows Store apps)
Calling REST Services from a Windows Phone 8 app
Other options include...
Exposing and communicating with Active Directory's LDAP service
Using LDAP Authentication with PHP for Active Directory