My Journey: How to Enroll Devices Manually Hybrid #Azure AD Joined

Meron
5 min read · Feb 26, 2021

In my new blog post, I wanted to share my experience of how you can manually Hybrid Azure AD join devices so that they can later be automatically enrolled into Intune/MEM.

How to Enroll devices manually to Hybrid AAD joined

Devices can be in one of the following states in the Azure platform.

1. Azure AD join

2. Hybrid Azure AD Join

3. Azure AD registered devices

To enroll devices into Intune/Microsoft Endpoint Manager, devices need to be Hybrid AAD joined or Azure AD joined.

Note: A hybrid state refers to more than just the state of a device. For a hybrid state to be valid, a valid Azure AD user also is required.

If devices are in Azure AD registered state for a long period of time, they will become stale.

A stale device is a device that has been registered with Azure AD but has not been used to access any cloud app for a specific period.

https://docs.microsoft.com/en-us/azure/active-directory/devices/manage-stale-devices

Tip: Before enrolling devices to be Hybrid AAD joined or Azure AD joined, we need to make sure the devices are not in a stale state.

Steps to clean up the stale devices

1. dsregcmd /debug /leave — this allows us to delete the Stale or Azure AD registered device.

2. dsregcmd /status — we will check if the system has been removed.

Not necessary for our steps right now — dsregcmd /Join — this allows us to rejoin the device to the Azure AD.

To automatically get devices into a Hybrid Azure AD joined state, do the following:

But I want to share with you my journey and how to enroll devices manually using a registry key, which is a good way of testing it out and troubleshooting join errors:

1. Open a Command prompt as Administrator

Tip: other windows you open from this prompt will also run with administrative privileges

2. Type Regedit

3. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion

4. Right-click on CurrentVersion

5. Create New Key CDJ

6. Right-click on the newly created Key CDJ, select New — then string Value

7. The above steps allow you to create a sub Key under CDJ type AAD

8. Create a sub–String Value under AAD

9. Rename the new string Value — to Tenant

https://aad.portal.azure.com/ — you can copy and paste your Tenant ID from the Azure Active Directory portal

10. Create another string Value under AAD

Your tenant name can be xxxx.com/ xxxx.gov / xxxx.edu

11. Click Ok

Finally,

Open Task Scheduler as an Administrator

Go to Microsoft → Windows → Workplace Join

Right-click on Automatic-Device-Join

Give the process 30-60 seconds, then refresh and run dsregcmd /status to check whether the device is Hybrid Azure AD joined
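The manual steps above (registry values, scheduled task, status check) as one PowerShell script. This is an added example, not part of the original post; it assumes the value names TenantId and TenantName from Microsoft's guidance on targeted hybrid join deployment, and the tenant values shown are constructed placeholders that the script refuses to write.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Run on a domain-joined test device.
param(
    [string]$TenantId   = '00000000-0000-0000-0000-000000000000',  # constructed placeholder
    [string]$TenantName = 'contoso.example'                        # constructed placeholder
)
$ErrorActionPreference = 'Stop'

# Reject a malformed or placeholder tenant ID before it is written to the registry.
$guid = [guid]::Empty
if (-not [guid]::TryParse($TenantId, [ref]$guid) -or $guid -eq [guid]::Empty) {
    throw "TenantId '$TenantId' is not a usable tenant GUID."
}

# Pull the join flags out of 'dsregcmd /status' output (lines like 'AzureAdJoined : YES').
function Get-DsregState {
    param([string[]]$Lines)
    $state = @{}
    foreach ($line in $Lines) {
        if ($line -match '^\s*(AzureAdJoined|DomainJoined|WorkplaceJoined|TenantId)\s*:\s*(\S+)') {
            $state[$Matches[1]] = $Matches[2]
        }
    }
    $state
}

# The post's tip: an Azure AD registered (possibly stale) state should be cleaned up first.
$before = Get-DsregState -Lines (dsregcmd /status)
if ($before['WorkplaceJoined'] -eq 'YES') {
    Write-Warning 'Device is Azure AD registered; clean up that state before joining.'
}

# Registry steps: create CDJ\AAD and the two string values.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\CDJ\AAD'
if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
New-ItemProperty -Path $key -Name 'TenantId'   -Value $guid.ToString() -PropertyType String -Force | Out-Null
New-ItemProperty -Path $key -Name 'TenantName' -Value $TenantName      -PropertyType String -Force | Out-Null

# Final steps: run the join task, wait, then re-check the state.
Start-ScheduledTask -TaskPath '\Microsoft\Windows\Workplace Join\' -TaskName 'Automatic-Device-Join'
Start-Sleep -Seconds 60
$after = Get-DsregState -Lines (dsregcmd /status)
if ($after['AzureAdJoined'] -eq 'YES' -and $after['DomainJoined'] -eq 'YES') {
    Write-Output "Hybrid Azure AD joined, tenant $($after['TenantId'])"
} else {
    Write-Warning "Not hybrid joined yet: AzureAdJoined=$($after['AzureAdJoined']) DomainJoined=$($after['DomainJoined'])"
}
```

A device counts as hybrid joined only when both AzureAdJoined and DomainJoined report YES; comparing the reported TenantId with the one you supplied confirms the join landed in the intended tenant.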

Did you know: "If you are an #Office365, Azure, or #Dynamics CRM Online customer, you might not realize that you are already using Azure AD. Every Office365, Azure, and Dynamics CRM tenant is already an Azure AD tenant. Whenever you want you can start using that tenant to manage access to thousands of other cloud applications Azure AD integrates with." Source: #Microsoft

Recommendation

Reference for Learning

Always let me know.

1. If you have any questions, please do not hesitate to reach out.

2. If you want me to cover a topic.

3. If you are struggling to find the next step in your career, we will work together to find your journey and find the right mentors to connect to

OR

You want a study buddy — Let me know Love to Help!

E-mail: blacklionm@protonmail.com

Twitter: @Blacklionm1


A special thank you to the people who invested their time to help me achieve my set goal in my journey

Thomas_Live, Cgill, Simon Binder, JL
