How can we improve Azure Active Directory?

← Azure Active Directory

All Powershell/BASH/script Azure AD join

For converting BOYD to Azure AD in the field w/o user intervention, we need a way for elevated accounts to be able to perform an Azure AD join of devices via script.... come on, this is the basics...

Think of it as MDM self-enrollment... if not that, then give us a one-click way for users to self-enroll the device.

117 votes
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

M.B. shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
unplanned  ·  AdminAzure AD Team (Product Manager, Microsoft Azure) responded  · 

Thanks for the feedback on this. There are several ways to do Azure AD join (OOBE, bulk enrollment and Autopilot) which provide a richer experience to join devices to Azure AD. We’re continuously working to enhance those, so currently this is unplanned for the near future. Please continue to vote to help us prioritize


Ravi

13 comments

Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    I've now gone through two migrations and had to manually add all the computers. We really need a command to do this in Powershell. This is the only item keeping me from fully automating a process to cleanly do these with little to no user experience.

  • Josh Throckmorton commented  ·   ·  Flag as inappropriate

    It is unreal that there is no method for scripting a domain join to Azure AD still.. I cannot justify migrating to Azure AD if I can't simply roll out joining Azure AD to a test group of existing used devices before rolling it out to my entire company. We definitely need a way to script this for Azure AD to fit in to my environment. Otherwise, I'm going to be forced to use a different option that isn't Microsoft MDM...

  • Levi Stevens commented  ·   ·  Flag as inappropriate

    Ravi - This is a cop-out by Microsoft. We don't need a "richer experience", we need a hands free way to migrate systems to AAD join without having to wipe out the user state on the device as both Bulk Enrollment and Windows Autopilot require OOBE. I have clients that simply want to disjoin from AD and then AAD join. They do not want to have to effectively do a wipe and reload to migrate. They will get cleaner systems with a break/fix reinstall or part of their hardware refresh cycle. This is a particular pain point for the SMB sector who may not have the same resources as a large enterprise to pull off a W&R of all their devices to migrate.

  • Mark Daniel III commented  ·   ·  Flag as inappropriate

    There is not a bulk enrollment option, or else we wouldn't be asking this question. We're trying to automate a way to join hundreds of devices to an AD service that is already getting information about those devices from our other AD service. OOBE and Autopilot only provide an answer for new devices. We need a solution that allows us to add CURRENT devices to Azure AD without requiring users doing the configuration or IT touching every device.

  • Tyler Montney commented  ·   ·  Flag as inappropriate

    This absolutely needs to be implemented. I should be able to incorporate unattended AAD joining into my workflow instead of being shackled to one of the current options.

  • Mikey Jensen commented  ·   ·  Flag as inappropriate

    Please add a PowerShell command for this, how could you guys even ship Azure AD without a command for domain joining??? Bulk enrollment isn't feasible because you have to create a crazy package for each domain with a specialized (and very buggy) GUI based tool (and even then the packages don't always work). -- Currently, in the field, to perform this process we're automating Windows UI clicks with a testing framework, and it's extremely annoying.

  • Anonymous commented  ·   ·  Flag as inappropriate

    One ******* wrong answer by a user and I get ****** with this problem from across the country

  • D commented  ·   ·  Flag as inappropriate

    Why can't we have a single powershell command to join device to Azure AD.

  • Jesse Hester commented  ·   ·  Flag as inappropriate

    I can't believe that it's almost 2019 and it's still not possible to join an already-provisioned device to AAD with no user interaction necessary. I have to believe that either (a) the process used to join the device is so hacky that it can't feasibly be exposed via an API, or (b) giving administrators this ability doesn't align with Microsoft's business model for some reason.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I will give al my votes for this one. There really should be a powershell option for Azure AD Join!!

  • Nicu Berger commented  ·   ·  Flag as inappropriate

    There should defently be a way to make an Azure AD join using Powershell. For example, an SCCM OSD task sequence could be created in which the client is taken directly into the Azure AD.

Azure Active Directory: Domain Join

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice