Introduction
If you have an on-premises Active Directory Domain Services (AD DS) setup and you want to join your AD DS domain-joined computers to Azure Active Directory, you can complete this exercise by doing a hybrid Azure AD join.
In this article, I will let you know how to set up an Azure hybrid AD environment.
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Prerequisites
- On-Premies Active Directory AD with Admin Credentials
- Windows 10 or Later on-prem domain joined the PC
- Azure Subscription
- Azure Active Directory AAD with Global Administrator Credentials
- Pass-through Authentication with SSO
If you want you can use this article for the Pass-through Authentication with SSO configuration Click here
Step 1
This is my On-prem Active Directory Domain Service and also Azure AD connect installed Server
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 2
This is my Windows 11 PC domain joined and I have logged in from the domain user
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 3
Before setup Azure hybrid Active Directory you can verify your AzureADJoined details via cmdlet.
dsregcmd /status
Device State>DomainJoined> Check the AzureADJoined: Yes/No
In my case still, Azure hybrid is not configured. Only I have joined my local domain (Windows AD)
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 4
Navigate to your Azure AD Connect agent tool in your On-premies Active Directory and select Configure
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 5
Select configure device options and click Next
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 6
In Overview click Next
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 7
Here it would help if you connected to Azure AD using your azure Global Administrator privilege
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 8
Select Configure Hybrid Azure AD join and Next
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 9
Select Windows 10 or later domain-joined devices and click Next
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 10
Forest>Select your local domain>Authentication Service> Azure Active Directory>Enterprise Admin> Add your local domain Administrator Credentials.
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 11
Once done verified click Next to configure.
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Step 11
Successfully configured my Azure hybrid AD
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Verifying Azure hybrid-joined details
Option 01 from Client PC
Step 1
Now going to restart your Windows 11 domain-joined PC and verified the device state
Step 2
Open CMD in your Windows 11 and type the following cmdlet.
dsregcmd /status
Successfully my client device has AzureAdJoined: YES
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Option 02 from Azure AD
Step 3
Sign in to your AzureAD> Select>Devices
Successfully working Azure Hybrid AD-joined windows 11 client PC
Now you can manage the devices from Windows AD and Azure AD
![How to Configuring Hybrid Azure AD Join Devices in a Managed Domain]()
Conclusion
This article taught us to configure Azure hybrid AD with Pass-through authentication PTA and Seamless-Sign-On SSO. And if you have any questions please contact me.