How can we improve Azure Active Directory?

← Azure Active Directory

All Powershell/BASH/script Azure AD join

For converting BOYD to Azure AD in the field w/o user intervention, we need a way for elevated accounts to be able to perform an Azure AD join of devices via script.... come on, this is the basics...

Think of it as MDM self-enrollment... if not that, then give us a one-click way for users to self-enroll the device.

170 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

M.B. shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
unplanned  ·  AdminAzure AD Team (Product Manager, Microsoft Azure) responded  · 

Thanks for the feedback on this. There are several ways to do Azure AD join (OOBE, bulk enrollment and Autopilot) which provide a richer experience to join devices to Azure AD. We’re continuously working to enhance those, so currently this is unplanned for the near future. Please continue to vote to help us prioritize


Ravi

21 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Johan Tongestad commented  ·   ·  Flag as inappropriate

    Related to this; find a powershell (or any script) way to change the exiting AAD connected Windows 10 to a new AAD. I need this for customers who have done an Office 365 to Office 365 migration and for companies that auquire others that already have AAD and want only one AAD. Even for a few workstations this takes time, approx 45-60 min each with manual work (save local data and settings, restore it and configure all apps again.

  • aulu commented  ·   ·  Flag as inappropriate

    We have around 10K+ devices joined to 60 different local forest AD, and we need to move them Azure AD join automatically. Is there any way to help us with bulk Intune/AutoPilot enrolment for those devices via PS? Manual enrolment doesn't work for us, a lot of work and headaches. Windows Configuration Designer can help Azure AD join but we want to add all to the Intune/AutoPilot.
    I will appreciate if you can guide me, thank you.

  • Anonymous commented  ·   ·  Flag as inappropriate

    We need to add about 5000 more devices in Intune and manually joining these are costing a lot of time and money.

  • Anonymous commented  ·   ·  Flag as inappropriate

    This is really holding us up from ramping up a 2000+ seat Azure AD deployment. Can we please get this type of functionality via PowerShell?

  • Scott Glancy commented  ·   ·  Flag as inappropriate

    This seems like a basic feature and shouldn't even require a discussion or a vote to have this available. This is a very poor customer experience for IT administrators. Please provide a PowerShell command to join AzureAD.

  • Patrick C commented  ·   ·  Flag as inappropriate

    I agree there should be a way to script joining AzureAD. Migrations are a pain without it.

  • Robert Biddle commented  ·   ·  Flag as inappropriate

    @707335603-azure-ad-team (OOBE, bulk enrollment and Autopilot) are only useful for new system deployments or forced "Fresh Start".

    We need a solution for existing systems migrating from local AD to Azure AD. Expecting techs to touch every one of these systems is ridiculous.

  • Robert Biddle commented  ·   ·  Flag as inappropriate

    For any MSPs out there, the current process is a nightmare. No reason there can't be a cmd line option to do this. Microsoft is failing to support their partners/customers big time here.

  • Bchuck commented  ·   ·  Flag as inappropriate

    Scenario: You have a fleet of hundreds of Windows 10 laptops managed by either AD/GPO or SCCM. A Global Pandemic causes your entire staff to work remote. You'd like to join the laptops to Azure AD and Intune to maintain some form of remote control. How do you do this when your fleet is already in the field.

    We need a way to Azure AD join workstations with a command. Currently IT admins are handcuffed to sending out SOPs and then causing serious disrupts by blocking connectivity to O365 unless the device is enrolled. Everyone knows most users aren't going to follow SOPs until the last minute if ever.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I've now gone through two migrations and had to manually add all the computers. We really need a command to do this in Powershell. This is the only item keeping me from fully automating a process to cleanly do these with little to no user experience.

  • Josh Throckmorton commented  ·   ·  Flag as inappropriate

    It is unreal that there is no method for scripting a domain join to Azure AD still.. I cannot justify migrating to Azure AD if I can't simply roll out joining Azure AD to a test group of existing used devices before rolling it out to my entire company. We definitely need a way to script this for Azure AD to fit in to my environment. Otherwise, I'm going to be forced to use a different option that isn't Microsoft MDM...

  • Levi Stevens commented  ·   ·  Flag as inappropriate

    Ravi - This is a cop-out by Microsoft. We don't need a "richer experience", we need a hands free way to migrate systems to AAD join without having to wipe out the user state on the device as both Bulk Enrollment and Windows Autopilot require OOBE. I have clients that simply want to disjoin from AD and then AAD join. They do not want to have to effectively do a wipe and reload to migrate. They will get cleaner systems with a break/fix reinstall or part of their hardware refresh cycle. This is a particular pain point for the SMB sector who may not have the same resources as a large enterprise to pull off a W&R of all their devices to migrate.

  • Mark Daniel III commented  ·   ·  Flag as inappropriate

    There is not a bulk enrollment option, or else we wouldn't be asking this question. We're trying to automate a way to join hundreds of devices to an AD service that is already getting information about those devices from our other AD service. OOBE and Autopilot only provide an answer for new devices. We need a solution that allows us to add CURRENT devices to Azure AD without requiring users doing the configuration or IT touching every device.

  • Tyler Montney commented  ·   ·  Flag as inappropriate

    This absolutely needs to be implemented. I should be able to incorporate unattended AAD joining into my workflow instead of being shackled to one of the current options.

  • Mikey Jensen commented  ·   ·  Flag as inappropriate

    Please add a PowerShell command for this, how could you guys even ship Azure AD without a command for domain joining??? Bulk enrollment isn't feasible because you have to create a crazy package for each domain with a specialized (and very buggy) GUI based tool (and even then the packages don't always work). -- Currently, in the field, to perform this process we're automating Windows UI clicks with a testing framework, and it's extremely annoying.

  • D commented  ·   ·  Flag as inappropriate

    Why can't we have a single powershell command to join device to Azure AD.

  • Jesse Hester commented  ·   ·  Flag as inappropriate

    I can't believe that it's almost 2019 and it's still not possible to join an already-provisioned device to AAD with no user interaction necessary. I have to believe that either (a) the process used to join the device is so hacky that it can't feasibly be exposed via an API, or (b) giving administrators this ability doesn't align with Microsoft's business model for some reason.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I will give al my votes for this one. There really should be a powershell option for Azure AD Join!!

← Previous 1

Azure Active Directory: Domain Join

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice