Skip to content

Latest commit

 

History

History
61 lines (42 loc) · 2.85 KB

overview.md

File metadata and controls

61 lines (42 loc) · 2.85 KB
title description services ms.service ms.subservice ms.topic ms.date ms.author author manager ms.reviewer ms.collection
What is device identity in Azure Active Directory?
Device identities and their use cases
active-directory
active-directory
devices
overview
01/24/2023
joflore
MicrosoftGuyJFlo
amycolannino
sandeo, jogro, jploegert
M365-identity-device-management

What is a device identity?

A device identity is an object in Azure Active Directory (Azure AD). This device object is similar to users, groups, or applications. A device identity gives administrators information they can use when making access or configuration decisions.

Devices displayed in Azure AD Devices blade

There are three ways to get a device identity:

  • Azure AD registration
  • Azure AD join
  • Hybrid Azure AD join

Device identities are a prerequisite for scenarios like device-based Conditional Access policies and Mobile Device Management with the Microsoft Intune family of products.

Modern device scenario

The modern device scenario focuses on two of these methods:

Hybrid Azure AD join is seen as an interim step on the road to Azure AD join. Hybrid Azure AD join provides organizations support for downlevel Windows versions back to Windows 7 and Server 2008. All three scenarios can coexist in a single organization.

Resource access

Registering and joining devices to Azure AD gives users Seamless Sign-on (SSO) to cloud-based resources.

Devices that are Azure AD joined benefit from SSO to your organization's on-premises resources.

Provisioning

Getting devices in to Azure AD can be done in a self-service manner or a controlled process managed by administrators.

Next steps