It was only recently that I realized the usage of Hybrid Azure AD Join (HAADJ) is sparser than I expected.
Digging a bit more on why this is the case, I found out that the community isn’t yet aware of what such a setup can offer.
What makes the offerings of this setup more important is the change in the landscape following the explosion of remote working amid the COVID-19 pandemic.
In the following lines, I will emphasize the features I’m confident add significant value to an organization:
Get more with Hybrid Azure AD Join
For those unaware of the solution, a device in a HAADJ setup is joined to both the on-premises (pre-existing) Active Directory and Azure Active Directory (AAD).
This happens through Azure AD Connect, which syncs and maps the user identities.
This double identity gives the device a ton of options that can co-exist and further safeguard an infrastructure.
You still get the AD Group Policies, but you also get many AAD offerings such as device management and Conditional Access, to name only a few.
Before making the move in that direction, it is important to check the available licensing schemes for the features you care about most.
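To confirm the dual join described above on a Windows endpoint, you can read the output of the built-in `dsregcmd /status` command. The Python sketch below is an added example, not part of the original post: it classifies a device from the `AzureAdJoined` and `DomainJoined` flags, and the sample output and the state labels it returns are constructed for illustration.

```python
import re

# Constructed, trimmed sample of `dsregcmd /status` output (values are made up).
SAMPLE_HYBRID = """
| Device State |
             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : YES
                DomainName : CONTOSO
| User State |
           WorkplaceJoined : NO
| SSO State |
                AzureAdPrt : YES
"""
# Same device before it registered with Azure AD (also constructed).
SAMPLE_DOMAIN_ONLY = (SAMPLE_HYBRID.replace("AzureAdJoined : YES", "AzureAdJoined : NO")
                      .replace("AzureAdPrt : YES", "AzureAdPrt : NO"))

FIELD = re.compile(r"^\s*([A-Za-z]+)\s*:\s*(.*?)\s*$")

def parse_status(text):
    """Return {field: value} for every 'Name : value' line; banners are skipped."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            fields.setdefault(m.group(1), m.group(2))
    return fields

def join_state(text):
    """Return (state, needs_review) from the join flags in dsregcmd output."""
    f = parse_status(text)
    yes = lambda key: f.get(key, "").upper() == "YES"
    if yes("AzureAdJoined") and yes("DomainJoined"):
        state = "hybrid-joined"
    elif yes("AzureAdJoined"):
        state = "azure-ad-joined"
    elif yes("DomainJoined"):
        state = "domain-joined-only"  # in on-premises AD, not yet in AAD
    elif yes("WorkplaceJoined"):
        state = "azure-ad-registered"
    else:
        state = "not-joined"
    # A hybrid device whose signed-in user holds no Primary Refresh Token
    # (AzureAdPrt : NO) is worth a follow-up.
    return state, state == "hybrid-joined" and not yes("AzureAdPrt")

if __name__ == "__main__":
    for name, sample in (("hybrid", SAMPLE_HYBRID), ("domain-only", SAMPLE_DOMAIN_ONLY)):
        print(name, join_state(sample))
```
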
Simplified Device Management
The days when you had to have and retain Microsoft System Center to get extensive device management capabilities are long gone.
Perks like Configuration Profiles for endpoints are now available in the hybrid setup and we can easily configure and maintain them.
A quick look shows that most of the things you will want are there: BitLocker Encryption, Microsoft Defender Advanced Protection Settings, Local Device Security Options, User Rights and more.
It is no secret that even before the pandemic, the landscape had changed with the arrival of the Bring Your Own Device (BYOD) era.
Traditional corporate defences such as DMZs and firewall protections proved less effective than before.
Given the extreme and unforeseen circumstances that became our everyday reality after the pandemic outbreak, we must take for granted that the landscape has changed even more.
Company data reside where the user is and we must protect them.
Conditional Access contributes greatly to that, with numerous controls that allow us to manage access to corporate resources.
Below are some of the options we can configure:
- Who can access an application
- The conditions to access an application
- The location from which we can access the application
- Limited user access within applications for non-compliant devices
This concludes our glance at the Hybrid Azure AD Join (HAADJ) world. If you feel you are interested in learning more, you are always welcome to contact me.