Hybrid Azure AD Join has been implemented with RAD and now available for use. A device is said to be hybrid joined if it has both an AD object and an Azure AD (AAD) object, which allow users of that device to sign in with a RAD user account.
With Hybrid Joins the University can now leverage:
For information view the support page for Azure Hybrid Join Configuration Profile.
Yes. departments would need to have their own OU in RAD. There is no central group currently to manage devices for departments.
Devices already connected to RAD will see no difference. If a department would like to have RAD devices Hybrid Joined, a request needs to be submitted to EDM_support@oit.rutgers.edu to enable the synchronization.
Devices running Windows 10 Pro and above are currently supported.
No, however iOS and Android devices can be managed in Intune.
Devices can be encrypted through BitLocker through RAD or Azure.
No, however an Autopilot device can be joined to RAD via Configuration Profiles.
The domain with automatically synchronizes RAD joined objects to Azure and it becomes a hybrid device automatically. If the device does not exist in Azure or RAD, it will need to be joined to the RAD domain either via a profile or manual join.
Yes, the interface for Azure is the Microsoft Intune Admin Center.
You should only disable an Azure AD device if you have lost the device, or the device is no longer in use. If you disable an Azure AD device, you will be unable to perform any Azure AD authentications from that device. You will not be able to re-enable it. There is a high impact to the end user of a mistakenly disabling an Azure AD device.
Microsoft Office products (including Microsoft 365 Apps) require the device to be registered with the Azure AD of the user account to allow sign in.
In order to disable Hybrid Joins, email EDM_support@oit.rutgers.edu to stop the synchronization of the requested OU.