Join Windows 10 to Azure Active Directory
In today’s Ask the Admin, I’ll show you how to join Windows 10 to Azure Active Directory (AAD) and why you might want to do that.
Organizations that mainly use SaaS apps based in the cloud, such as Office 365, might consider allowing users to join devices to AAD — the identity management service that powers Office 365 and other cloud-based platforms. The key advantage for users is that they get single sign-on access to Office 365 web apps and other programs that support the Web Account Manager, such as the built-in Mail app in Windows 10.
Other scenarios where AAD domain join might come in handy is for temporary contractors who need access to cloud-based apps, or when permanent employees buy their own devices but would still like simplified access to corporate apps but without joining the device to an on premise Active Directory domain.
Microsoft Intune and Mobile Device Management
Organizations also benefit by being able to extend management capabilities to devices joined to Azure AD. Mobile Device Management (MDM) support is built-in to Windows 10, and while not as extensive as Active Directory Group Policy, MDM might provide enough control in many cases. Microsoft Intune is a separate subscription service that allows companies to manage Windows 10 devices in the cloud without needing an onsite AD infrastructure.
Join Windows 10 to Azure AD
As part of the out-of-box-experience (OOBE) setup procedure in Windows 10, users have the option to join the device to AAD. This requires valid AAD credentials and that AAD be configured to allow users to join devices.
Alternatively, follow the instructions below to join Windows 10 to AAD using the Settings app.
- Log in to Windows 10 as a local administrator.
- Click the Start button.
- Click Settings in the bottom left corner of the Start menu.
- In the Settings app, click System.
- Click About on the left of the System screen in the Settings app.
- Click Join Azure AD on the right.
- In the Join Azure AD dialog, click Continue.
- On the Let’s get you signed in screen, enter your Azure AD username – in the following format: [email protected] – and password, and then click Sign in.
- Read the information on the Allow this device to be managed? screen and click Accept.
- Sign out of the local user account.
- Click Other user at the bottom of the login screen.
- Enter the credentials of an Azure AD user.
More in Windows 10
August Patch Tuesday Updates Fix 121 Vulnerabilities and Improve Focus Assist
Aug 10, 2022 | Laurent Giret
Microsoft Brings Windows 11's Universal Print Capabilities to Windows 10
Aug 9, 2022 | Rabia Noureen
Windows 11 to Add New Multi-App Kiosk Mode for IT Admins
Jul 29, 2022 | Rabia Noureen
Microsoft Retires Windows Information Protection in Favor of New Purview Service
Jul 22, 2022 | Rabia Noureen
How to Use the Icacls Command to Manage File Permissions
Jul 20, 2022 | Michael Reinders
July Patch Tuesday Updates Fix 84 Vulnerabilities and LDAP Gets TLS 1.3
Jul 13, 2022 | Laurent Giret
Most popular on petri