All HowTo's Windows

Join Windows 10 to Azure AD (365)

If you have a “Work or School” Office 365 account, you’re likely able to use it as your Windows Domain service, allowing you go join your Windows 10 Pro (or higher, but not Home) to it as a domain member much like you would with an on-prem domain controller

We’ll start by setting up the Azure AD side of things. There isn’t anything special that needs to be done here. The service should already be there. We’re simply going to create a new user in Azure AD so we can confirm it’s working later on.

Log into Azure AD:

  1. Visit “https;//office.com” and login. You should select “Work or School” if you’re asked.
  2. Open Admin -> Azure Active Directory -> Azure Active Directory (from the left list).
  3. You will see “Devices” in the “Manage” section in the left menu. Click on Devices.

There are probably no devices in the list. But keep this Browser tab open. we’ll refer back to it shortly.

Let’s create a test user to confirm it works. We’ll use this user to log into a Windows 10 Pro workstation shortly:

  1. Still in Office365, select Users -> Add User.
  2. Complete the user creation form.

Now we need to join the workstation to the Azure AD domain:

  1. Log into the Windows 10 workstation as an administrator (local admin).
  2. Open Settings -> Accounts -> Access Work or School.
  3. Click the “+” icon and enter your Office365 username (email address) and password. If you have 2FA enabled (which I hope you do), you will be asked for satisfy that requirement first.

That process joined the workstation to the Azure AD domain. Now we need to link a user to the workstation.

  1. On the workstation, go to System -> Accounts -> Email and Accounts.
  2. Click “Add Account” .
  3. Select “Office 365”.
  4. Complete the login form using the credentials of the new user we created above.
    1. The username and email address are the same.
    2. The domain is the “example.com” where example if your business domain name in Office 365.
  5. For me, I was forced to change my password on first login. Obviously this can be changed but It’s a good thing to leave enabled.
  6. Click Done and you’re finished this stage.

It’s time to test it out. Reboot the workstation and try logging in as the new user you just created. You don’t need to reboot but it’s a good idea for a full test.

Wehn the computer boots back up and presents the Windows login options page, you should see the “Other” option. Select that.

You should see the device in the Devices list in the Office 365 Azure AD console.

Leave a Reply

Your email address will not be published. Required fields are marked *