Autopilot Hybrid Azure AD Join

  • Published Dec 4, 2024

COMMENTS • 52

  • @TechConect
    @TechConect  1 year ago

    ChatGPT Tutorial - A Crash Course on Chat GPT for Beginners
    ua-cam.com/video/m7krLOucEhs/v-deo.html

  • @JLALALALA
    @JLALALALA 1 year ago +2

    That was a good, concise explanation of the process. Our organization is running hybrid AAD in a global tenant and this is pretty much how we do it, scaled up for enterprise with extras like group tags, ztdids, enrollment status page, dynamic azure groups, app bundles.
    I’d be interested in seeing a well made video of using the group policy remediation tool in real world situations and another for universal print.

  • @holdfastmackinaw
    @holdfastmackinaw 1 month ago

    I found this video before trying the setup and I am glad I did. It worked perfectly!! Thanks!!!

  • @nassimelboutaibi4772
    @nassimelboutaibi4772 8 months ago +1

    You’re the best man!!! Was struggling a lot bro!

  • @lazaromgsp
    @lazaromgsp 11 months ago +1

    Thank you so much for all the teachings you've been sharing; it's been very helpful to me. Could you create a video about having two environments running simultaneously in Intune with Autopilot? I'm looking to manage hybrid machines and 100% Azure machines being added simultaneously. I've attempted to replicate this, but I'm having trouble understanding how to do it or getting it to work. Thank you!

    • @TechConect
      @TechConect  11 months ago

      You will need to create a second profile for the Azure only Autopilot, I explained it in this video here:
      Autopilot Azure AD Join
      ua-cam.com/video/AVSvhcTHy78/v-deo.html

  • @avinash0072355
    @avinash0072355 8 months ago +1

    Kudos to you, excellent video!

  • @akterCloudPro
    @akterCloudPro 1 month ago

    Brilliant! Excellent work.
    I have one question: Is the 'Device Writeback' a mandatory requirement when implementing Windows Autopilot Hybrid Join? What’s its purpose, especially since the Intune connector is used for joining devices to Active Directory?

    • @TechConect
      @TechConect  1 month ago

      It is not mandatory and Autopilot should work fine without it.

  • @kakindekombo3158
    @kakindekombo3158 9 days ago

    thank you for this video 🙂

  • @rselva100
    @rselva100 1 year ago +1

    For me, the device gets stuck on the ESP page at account setup (joining to organisation network) after entering domain cred … I ran the AD Connect delta sync but no change, it still waits at the same page.

    • @kisoune4068
      @kisoune4068 4 months ago

      Did you find the solution?

    • @nery2182
      @nery2182 1 month ago

      Does your device meet the requirements? ESP needs TPM, more than 2 cores in your processor, Secure Boot and a 64-bit OS.

  • @matthunt5022
    @matthunt5022 6 months ago

    Excellent video, really helped. I am setting devices up remotely for Hybrid intune. I can see the device in the server and in the cloud but I am not able to sign into the device due to it not being able to communicate with the server. Is there a way like the normal intune that it can sign in with the office 365 credentials rather than the domain credentials?

    • @TechConect
      @TechConect  6 months ago +1

      The device has to contact the DC to authenticate if hybrid joined. You can pre-connect to VPN if this is an option; otherwise, if this device will never connect with the DC and you want to log in with the Office 365 credentials, then you can watch the video to connect to Azure AD only, not hybrid joined.

  • @NileshKelkar87
    @NileshKelkar87 10 months ago

    Hello, nice video. Just want to ask, will all on-prem Group Policies be applied?

    • @TechConect
      @TechConect  10 months ago +1

      If you have GPOs inherited or applied to the OU that the session hosts are in then yes they will apply

    • @NileshKelkar87
      @NileshKelkar87 10 months ago +1

      @TechConect Oh really... then yes, we want to deploy hardening GPOs as well as security policies. But again, reconfirming: without the user connecting to the office network, will all GPOs get applied with this setup? Or does the user need to connect to the office network once to apply GPOs? Please reply.

    • @TechConect
      @TechConect  9 months ago +1

      Unless the PC contacts the domain controller to get the GPOs, nothing will apply, so they will need to connect using VPN or be in the office.
      If they do not connect to the office network at all, then I don't see a value in doing hybrid join; rather, you can do Azure AD join and create/apply the policies from Intune directly.
      Here is a video that shows you how to set up Azure AD join. ua-cam.com/video/AVSvhcTHy78/v-deo.html

    • @NileshKelkar87
      @NileshKelkar87 9 months ago

      @TechConect OK, got it. I followed all the steps as per your Hybrid Autopilot video, but at the end I am not able to log in to the machine using a domain user... it is strange. I am getting an error at first login: "we cannot sign with credential because domain is not available". Do you know how to solve this problem?

    • @TechConect
      @TechConect  9 months ago

      Verify that the Autopilot PC joined the domain by looking into the OU in Active Directory, and if it is, then verify that the PC can reach the domain controller. In my demo, the PC and domain controller were at the same site.

  • @dis1guy
    @dis1guy 2 months ago

    I'm not seeing the white glove pre-provisioning. Will this work on this type of setup?

    • @TechConect
      @TechConect  2 months ago +1

      Yes, when creating the profile select Yes for the option "Allow pre-provisioned deployment" and it should work.

  • @YvetteNtamon
    @YvetteNtamon 4 months ago

    This is a great video

  • @aubreyporter4080
    @aubreyporter4080 11 months ago +1

    Great Video!!

  • @khez5179
    @khez5179 6 months ago

    Don't you need pre-login and VPN configuration in order for the user to authenticate to the domain to log in for the first time? I am currently doing this for my org and am testing to see if it will work.

    • @TechConect
      @TechConect  6 months ago

      As I explained in the topology, I have the PC and the DC at the same location, but if your PC is not, then you will need to set up VPN to pre-connect.

  • @user-aa40
    @user-aa40 8 months ago

    So with this setup I can deploy local GPOs to it ( printers, drive mappings etc ) and if I get new machines I can deploy Intune App and Config profiles to build the new machines, best of both worlds?

  • @rselva100
    @rselva100 1 year ago

    Why is the device writeback option configured in AAD Connect? What's the purpose and why is it needed for Hybrid AD join scenarios?

    • @TechConect
      @TechConect  1 year ago

      Although write-back is not a requirement, several times when I did not have it enabled I ran into all kinds of issues, including but not limited to having 2 devices of the same PC in Azure without consolidation.

  • @shoaibalichaudhary5675
    @shoaibalichaudhary5675 1 year ago

    How much time did it take to reach the Windows login screen after putting in your credentials? Have you tried pre-provisioning?

    • @TechConect
      @TechConect  1 year ago

      It took about one hour, the time depends on your location and Internet speed.

  • @dewsk1787
    @dewsk1787 6 months ago

    I followed all of these steps and it went smoothly, except my test device gets stuck on "please wait while we setup your device..." Any tips? It never populates in the OU I created on AD.

    • @TechConect
      @TechConect  6 months ago

      1. Verify that the device can reach the domain controller
      2. Verify Intune AD connector is healthy in the portal.
      3. Check the event logs on the device for any errors or warnings
      4. Verify AD connect is configured for hybrid join
      5. Verify that you applied the correct permissions to the OU
      6. Test with a Different Device
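
A device-side diagnostic covering checks 1 and 3 of the list above, as an added example that is not part of the comment thread or the video. The domain name `corp.example.com` is a placeholder assumption; run it from an elevated PowerShell prompt on the stuck device.

```powershell
# Added example: device-side checks for a hybrid join that stalls during OOBE.
# $Domain is a placeholder (assumption); pass your own AD DNS domain name.
param([string]$Domain = 'corp.example.com')

# Check 1a: can the device locate a domain controller through DNS?
# The DC locator relies on this SRV record; no answer usually means the
# device is using a DNS server that does not know the AD zone (or no VPN).
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction SilentlyContinue |
       Where-Object { $_.Type -eq 'SRV' }
if (-not $srv) {
    Write-Warning "No DC SRV records found for $Domain. Check DNS settings or VPN."
    return
}

# Check 1b: are the ports used for domain join and first logon reachable?
$ports = @{ 53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'; 389 = 'LDAP'; 445 = 'SMB' }
foreach ($dc in ($srv.NameTarget | Select-Object -Unique)) {
    foreach ($port in ($ports.Keys | Sort-Object)) {
        $ok = Test-NetConnection -ComputerName $dc -Port $port -InformationLevel Quiet -WarningAction SilentlyContinue
        $state = if ($ok) { 'reachable' } else { 'NOT reachable' }
        '{0,-35} {1,-4} {2,-20} {3}' -f $dc, $port, $ports[$port], $state
    }
}

# Join state as the device sees it: both values should end up YES
# once the offline domain join blob has been applied and synced.
dsregcmd /status | Select-String 'AzureAdJoined|DomainJoined|DomainName|TenantName'

# Check 3: recent errors (level 2) and warnings (level 3) from the
# Autopilot and device registration event logs.
$logs = 'Microsoft-Windows-ModernDeployment-Diagnostics-Provider/Autopilot',
        'Microsoft-Windows-User Device Registration/Admin'
foreach ($log in $logs) {
    "--- $log ---"
    Get-WinEvent -FilterHashtable @{ LogName = $log; Level = 2, 3 } -MaxEvents 10 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, LevelDisplayName, Message |
        Format-List
}
```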

  • @BACKSPIN9ball
    @BACKSPIN9ball 1 year ago

    Thanks for another great video, everything made complete sense except: since you had 2 deployment profiles, how did Intune know to assign the Hybrid deployment profile instead of the other one, which I can assume was for non-domain-joined PCs?
    How does Intune know which deployment profile to assign to that specific machine?
    Are you using some kind of a rule/query?

    • @TechConect
      @TechConect  1 year ago +2

      I assigned the Intune Devices Group to the Hybrid profile and that's how Intune knows.
      Please watch the Video again, you will hear me talking about it.

    • @BACKSPIN9ball
      @BACKSPIN9ball 1 year ago

      @TechConect That I heard very clearly; my confusion came in when I noticed you had 2 deployment profiles. Is the second deployment profile assigned to a second dynamic device group, for example for the standard Azure AD only devices? And if so, the 2 dynamic device groups must be using different queries.
      And on that note, how did your VM know which group to assign itself to, to get the Hybrid Autopilot deployment profile instead of the 2nd one?
      I'm trying to be as clear as possible but am limited because English is not my first language, but you should understand what I am trying to convey.
      Thanks again

    • @TechConect
      @TechConect  1 year ago +1

      @BACKSPIN9ball Yes, a different dynamic group; you can create a group using a different query, like device name starts with LT-.
      But generally companies do either hybrid join or Azure AD join, not both.

  • @ajinkyamali9505
    @ajinkyamali9505 6 months ago

    Are you not configuring the ESP enrollment status page?

    • @TechConect
      @TechConect  6 months ago

      I did not configure it in this demo but it’s a good practice to configure it.

  • @madhav06
    @madhav06 1 year ago +1

    Exactly where to install the Azure AD connector (on the DC or another device)?

    • @TechConect
      @TechConect  1 year ago

      AD Connect can be installed on any domain joined server or DC

  • @imtiazali1628
    @imtiazali1628 1 year ago

    Thank you so much for the detailed video. Can you please create one video on pre-provisioning?

    • @TechConect
      @TechConect  1 year ago

      There are 2 links in the description that show how to upload hashes and create a dynamic group

  • @Sabs761010
    @Sabs761010 1 year ago

    Can you please confirm if, instead of running the script in the OOBE, you can configure an Intune auto-register in the Azure register setup options?

    • @TechConect
      @TechConect  1 year ago +2

      Usually if you are purchasing PCs from a vendor like Dell, they can pre-register them through Microsoft API

  • @rajeevbawari7222
    @rajeevbawari7222 9 months ago

    Very good.

  • @odilonirakoze
    @odilonirakoze 1 year ago

    Thanks for the video but my machine cannot reach the domain

  • @RINGO1811
    @RINGO1811 1 year ago

    Why did you have to run cmd commands?

    • @TechConect
      @TechConect  1 year ago

      Just to speed things up, but usually AD Connect runs every 1/2 hour