Search
StarWind is a hyperconverged (HCI) vendor with focus on Enterprise ROBO, SMB & Edge

Join Windows 365 instances to Azure AD only

  • March 10, 2022
  • 5 min read
IT and Virtualization Consultant. Romain is specializing in Microsoft technologies such as Hyper-V, System Center, storage, networking, and MS Azure. He is a Microsoft MVP and MCSE in Server Infrastructure and Private Cloud.
IT and Virtualization Consultant. Romain is specializing in Microsoft technologies such as Hyper-V, System Center, storage, networking, and MS Azure. He is a Microsoft MVP and MCSE in Server Infrastructure and Private Cloud.


A few month ago, I wrote a topics about Windows 365. A major disadvantage I saw against Azure Virtual Desktop is that Windows 365 was not able to work only with Azure AD and required Active Directory with Hybrid AD Join. For a few days, Windows 365 has been updated in public preview to be joined only to Azure AD.

Configure the On-Premises network connection

I have a Windows 365 enterprise license, so everything is manageable through Microsoft Endpoint Manager (MEM). In MEM, navigate through Device > Windows 365. From there click on On-Premises network connection and Create. Now we have a second option: Azure AD Join.

On-Premises network connection

Specify the name of the profile and select the subscription, the resource group and the virtual network where you want your Windows 365 instance will be connected.

Network details

At the end of the wizard, you are informed that Windows 365 will be granted some additional permissions.

Review

Once the profil is created, wait a few minutes and then check the health report to verify if there are issues.

Overview

Set a provisioning policy

Now navigate to Provisioning policies and click on Create.

Provisioning policies

Provide a name for this policy. Now that the public preview is released, you have additional options such as Azure AD Join (in Join type). In Network, select the On-Premises network connection you have created previously.

Create a provisioning policy

Next select a custom image or an image in the Microsoft gallery.

Select a custom image

Provide the language & the region for your machine.

ConfigurationThen select a group where this policy will be applied. Be careful, every users in this group that have a Windows 365 license will have an instance deployed for them.

Assignments

In the final screen, review your settings and then click on Create.

Review

If like me you have two profiles assigned to the same group, you have to unassign the old policy to remove it. Then the Windows 365 instance bound to this policy will enter in grace period. At the end of the grace period, the instance will be reprovisioned with the new policy. So I suggest to you to create a new group if you have to do this kind of manipulation to avoid to reprovision all of your Windows 365 instance at the same moment. Then you will be able to add users to this group and make the migration smoothly

Add users

Once the provisioning is finished, you should get your Windows 365 instance.

Once the provisioning is finished

If we look at the Azure AD, you should have your Windows 365 instance as Azure AD Joined:

Windows 365 instance

Hey! Found Romain’s article helpful? Looking to deploy a new, easy-to-manage, and cost-effective hyperconverged infrastructure?
Alex Bykovskyi
Alex Bykovskyi StarWind Virtual HCI Appliance Product Manager
Well, we can help you with this one! Building a new hyperconverged environment is a breeze with StarWind Virtual HCI Appliance (VHCA). It’s a complete hyperconverged infrastructure solution that combines hypervisor (vSphere, Hyper-V, Proxmox, or our custom version of KVM), software-defined storage (StarWind VSAN), and streamlined management tools. Interested in diving deeper into VHCA’s capabilities and features? Book your StarWind Virtual HCI Appliance demo today!