AZ-104 Certification Notes

Chapter 3.7 - AD Joined Devices

Azure AD Joined Devices

• Definition
  • Joined only to Azure AD requiring organizational account to sign-in to the device
• Primary audience
  • Suitable for both cloud-only and hybrid organizations
  • Applicable to all users in an organization
• Device ownership
  • Organization
• Operating Systems
  • All Windows 10/11 devices except Windows 10/11 Home
  • Windows Server 2019/2022 Virtual Machines running in Azure (Server core is not supported)
• Provisioning
  • Self-service: Windows OOBE or Settings, Bulk enrollment, Windows Autopilot
• Device sign in options
  • Organizational accounts using: Password, Windows Hello for Business, FIDO2.0 security keys
• Device management
  • Mobile Device Management (Microsoft Intune)
  • Co-management with Microsoft Intune and Microsoft Endpoint Configuration Manager

• Key capabilities
  • SSO to both cloud and on-premises resources
  • Conditional Access through MDM enrollment and MDM compliance evaluation
  • Self-service Password Reset and Windows Hello PIN reset on lock screen
  • Enterprise State Roaming across devices

Practice Quiz

• What operating systems can utilize with Azure AD Joined Devices? (Choose 2)

  • Windows Server 2019 Virtual Machines running in Azure
  • Windows 8.1, 7
  • All Windows 10 devices except Windows 10 Home
  • MacOS

• What device management can utilize Azure AD Join Devices?

  • Mobile Application Management
  • Co-management with Microsoft Intune and Microsoft Endpoint Configuration Manager
  • Group Policy
  • Mobile Device Management (Microsoft Intune)

• What is the primary audience of Azure AD Joined Devices?

  • Applicable to all users in an organization
  • Bring your own Device
  • Mobile devices
  • Suitable for both cloud-only and hybrid organizations

• What are Azure AD Joined Devices?

  • Joined only to Azure AD requiring an organizational account to sign-in to the device.