Skip to main content

RAD Hybrid Join FAQ

Hybrid Azure AD Join has been implemented with RAD and now available for use. A device is said to be hybrid joined if it has both an AD object and an Azure AD (AAD) object, which allow users of that device to sign in with a RAD user account.

With Hybrid Joins the University can now leverage:

  • Device Based licensing for Office 365
    • This allows Office to be tied to the Device rather than the User, making it ideal for enterprise or shared devices.
  • Reduced logins due to the device being assign both RAD and Azure authentication tokens

Azure Hybrid Join Configuration Profile

  • Single Sign-On for Office 365 reducing authentication (Learn more)
  • Auto-activation for Microsoft Windows 10 through Azure and RAD Group Policy
  • Device Based licensing for Office 365 (What is Device Based Licensing?)
Link to this Answer

Yes. departments would need to have their own OU in RAD. There is no central group currently to manage devices for departments.

Link to this Answer

Devices already connected to RAD will see no difference. If a department would like to have RAD devices Hybrid Joined, a request needs to be submitted to EDM_support@oit.rutgers.edu to enable the synchronization.

Link to this Answer

Devices running Windows 10 Pro and above are currently supported.

Link to this Answer

No, however iOS and Android devices can be managed in Intune.

Link to this Answer

Devices can be encrypted through BitLocker through RAD or Azure.

Link to this Answer

No, however an Autopilot device can be joined to RAD via Configuration Profiles.

Link to this Answer

The domain with automatically synchronizes RAD joined objects to Azure and it becomes a hybrid device automatically. If the device does not exist in Azure or RAD, it will need to be joined to the RAD domain either via a profile or manual join.

Link to this Answer

Yes, the interface for Azure is https://endpoint.microsoft.com

Link to this Answer

You should only disable an Azure AD device if you have lost the device, or the device is no longer in use. If you disable an Azure AD device, you will be unable to perform any Azure AD authentications from that device. You will not be able to re-enable it. There is a high impact to the end user of a mistakenly disabling an Azure AD device.

Microsoft Office products (including Microsoft 365 Apps) require the device to be registered with the Azure AD of the user account to allow sign in.

Link to this Answer

In order to disable Hybrid Joins, email EDM_support@oit.rutgers.edu to stop the synchronization of the requested OU.

Link to this Answer