Exploring Device Integration in Azure Active Directory (Three Device Registration Types)

1 year ago
Ruian Ding
2 minutes

This blog post takes a comparison into the ins and outs of device integration within Azure Active Directory, shedding light on various device statuses, ownership models, and supported platforms. Whether you’re an individual user looking to sync your devices or part of an organization aiming to streamline device management, this guide will navigate you through the available options and provide valuable insights.

Device StatusDevice OwnerAccount for Logging into DeviceSupported Device PlatformsOfficial Documentation
Azure AD registeredPersonalMSA: Microsoft Account(Personal Account);
Local Machine Account		Windows 10 or above;
IOS & Android;
Mac OS;
Linux (Use Company Portal)		Register your personal device on your work or school network – Microsoft Support
Azure AD joinedOrganization
(Applicable for non-domain-joined devices)		Organization account 
(Cloud only or synchronized from on-prem AD)		Windows 10 or above, except Windows 10 Home
Windows Server 2019 Virtual Machines running in Azure①
(Server core isn’t supported)		Join an already configured device:
Join your work device to your work or school network – Microsoft Support
Join a new device in the OOBE:
Join a new Windows 11 device with Azure AD during the out of box experience – Microsoft Entra | Microsoft Learn
Hybrid Azure AD joinedOrganization
(Applicable for domain-joined devices managed by Group Policy)		Organization account
(Account originally created from on-prem AD, and synced to cloud)		Windows 10 or above;
Windows 8.1 and 7;
Windows Server 2008/R2, 2012/R2②, 2016 and 2019		Configure hybrid Azure Active Directory join – Microsoft Entra | Microsoft Learn
Targeted Hybrid Azure AD Join:
Targeted deployments of hybrid Azure AD join – Microsoft Entra | Microsoft Learn

When dealing with Windows Server Virtual Machines operating within Azure, it is essential to utilize an alternative approach for machine joining. This involves employing the Azure AD extension to establish the necessary connection.
Log in to a Windows virtual machine in Azure by using Azure AD – Microsoft Entra | Microsoft Learn

The Hybrid Azure AD Join feature is not integrated into down-level Windows devices, such as Windows 8.1. In these instances, the Workplace Join tool must be employed to facilitate the Hybrid Join process.
Enable downlevel devices for hybrid Azure Active Directory join – Microsoft Entra | Microsoft Learn