Skip to content

Commit ecb39f6

Browse files
committed
2 parents c81b45f + 5ae539b commit ecb39f6

File tree

380 files changed

+6327
-3173
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

380 files changed

+6327
-3173
lines changed

.openpublishing.redirection.active-directory.json

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10847,6 +10847,41 @@
1084710847
"redirect_document_id": false
1084810848
},
1084910849
{
10850+
"source_path_from_root": "/articles/active-directory/fundamentals/active-directory-groups-create-azure-portal.md",
10851+
"redirect_url": "/azure/active-directory/fundamentals/how-to-manage-groups",
10852+
"redirect_document_id": false
10853+
},
10854+
{
10855+
"source_path_from_root": "/articles/active-directory/fundamentals/active-directory-groups-members-azure-portal.md",
10856+
"redirect_url": "/azure/active-directory/fundamentals/how-to-manage-groups",
10857+
"redirect_document_id": false
10858+
},
10859+
{
10860+
"source_path_from_root": "/articles/active-directory/fundamentals/active-directory-groups-delete-group.md",
10861+
"redirect_url": "/azure/active-directory/fundamentals/how-to-manage-groups",
10862+
"redirect_document_id": false
10863+
},
10864+
{
10865+
"source_path_from_root": "/articles/active-directory/fundamentals/active-directory-groups-membership-azure-portal.md",
10866+
"redirect_url": "/azure/active-directory/fundamentals/how-to-manage-groups",
10867+
"redirect_document_id": false
10868+
},
10869+
{
10870+
"source_path_from_root": "/articles/active-directory/fundamentals/active-directory-groups-settings-azure-portal.md",
10871+
"redirect_url": "/azure/active-directory/fundamentals/how-to-manage-groups",
10872+
"redirect_document_id": false
10873+
},
10874+
{
10875+
"source_path_from_root": "/articles/active-directory/fundamentals/active-directory-accessmanagement-managing-group-owners.md",
10876+
"redirect_url": "/azure/active-directory/fundamentals/how-to-manage-groups",
10877+
"redirect_document_id": false
10878+
},
10879+
{
10880+
"source_path_from_root": "/articles/active-directory/fundamentals/active-directory-manage-groups.md",
10881+
"redirect_url": "/azure/active-directory/fundamentals/concept-learn-about-groups",
10882+
"redirect_document_id": false
10883+
},
10884+
{
1085010885
"source_path_from_root": "/articles/active-directory/fundamentals/keep-me-signed-in.md",
1085110886
"redirect_url": "/azure/active-directory/fundamentals/customize-branding",
1085210887
"redirect_document_id": false

.openpublishing.redirection.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34248,6 +34248,11 @@
3424834248
"redirect_url": "/azure/virtual-machines/windows/connect-winrm",
3424934249
"redirect_document_id": false
3425034250
},
34251+
{
34252+
"source_path_from_root": "/articles/azure-arc/servers/data-residency.md",
34253+
"redirect_url": "/azure/azure-arc/servers/overview",
34254+
"redirect_document_id": false
34255+
},
3425134256
{
3425234257
"source_path_from_root": "/articles/virtual-machines/linux/copy-files-to-linux-vm-using-scp.md",
3425334258
"redirect_url": "/azure/virtual-machines/copy-files-to-vm-using-scp",

articles/active-directory/app-proxy/application-proxy-security.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ ms.service: active-directory
88
ms.subservice: app-proxy
99
ms.workload: identity
1010
ms.topic: conceptual
11-
ms.date: 04/21/2021
11+
ms.date: 09/02/2022
1212
ms.author: kenwith
1313
ms.reviewer: ashishj
1414
---
@@ -23,7 +23,7 @@ The following diagram shows how Azure AD enables secure remote access to your on
2323

2424
## Security benefits
2525

26-
Azure AD Application Proxy offers the following security benefits:
26+
Azure AD Application Proxy offers many security benefits including authenticated access, conditional access, traffic termination, all outbound access, cloud scale analytics and machine learning, and remote access as a service. It is important to note that even with all of the added security provided by Application Proxy, the systems being accessed must continually be updated with the latest patches.
2727

2828
### Authenticated access
2929

articles/active-directory/devices/TOC.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
- name: Tutorials
88
expanded: false
99
items:
10-
- name: Azure AD join during Windows 10 first-run experience
10+
- name: Azure AD join a new Windows device
1111
href: azuread-joined-devices-frx.md
1212
- name: Concepts
1313
expanded: true
Lines changed: 31 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -1,79 +1,63 @@
11
---
2-
title: Join a new Windows 10 device with Azure AD during a first run | Microsoft Docs
3-
description: How users can set up Azure AD Join during the out of box experience.
2+
title: Join a new Windows 10 device with Azure AD during the out of box experience
3+
description: How users can set up Azure AD Join during OOBE.
44

55
services: active-directory
66
ms.service: active-directory
77
ms.subservice: devices
88
ms.topic: tutorial
9-
ms.date: 06/28/2019
9+
ms.date: 08/31/2022
1010

1111
ms.author: joflore
1212
author: MicrosoftGuyJFlo
1313
manager: amycolannino
1414
ms.reviewer: ravenn
1515

16-
#Customer intent: As a user, I want to join my corporate device during a first-run so that I can access my corporate resources
17-
1816
ms.collection: M365-identity-device-management
1917
---
20-
# Tutorial: Join a new Windows 10 device with Azure AD during a first run
21-
22-
With device management in Azure Active Directory (Azure AD), you can ensure that your users are accessing your resources from devices that meet your standards for security and compliance. For more information, see the [introduction to device management in Azure Active Directory](overview.md).
18+
# Azure AD join a new Windows device during the out of box experience
2319

24-
With Windows 10, You can join a new device to Azure AD during the first-run out-of-box experience (OOBE).
25-
This enables you to distribute shrink-wrapped devices to your employees or students.
20+
Starting in Windows 10 users can join new Windows devices to Azure AD during the first-run out-of-box experience (OOBE). This functionality enables you to distribute shrink-wrapped devices to your employees or students.
2621

27-
If you have either Windows 10 Professional or Windows 10 Enterprise installed on a device, the experience defaults to the setup process for company-owned devices.
28-
29-
In the Windows *out-of-box experience*, joining an on-premises Active Directory (AD) domain is not supported. If you plan to join a computer to an AD domain, during setup, you should select the link **Set up Windows with a local account**. You can then join the domain from the settings on your computer.
30-
31-
In this tutorial, you learn how to join a device to Azure AD during FRX:
32-
> [!div class="checklist"]
33-
> * Prerequisites
34-
> * Joining a device
35-
> * Verification
22+
This functionality pairs well with mobile device management platforms like [Microsoft Intune](/mem/intune/fundamentals/what-is-intune) and tools like [Windows Autopilot](/mem/autopilot/windows-autopilot) to ensure devices are configured according to your standards.
3623

3724
## Prerequisites
3825

39-
To join a Windows 10 device, the device registration service must be configured to enable you to register devices. In addition to having permission to joining devices in your Azure AD tenant, you must have fewer devices registered than the configured maximum. For more information, see [configure device settings](device-management-azure-portal.md#configure-device-settings).
40-
41-
In addition, if your tenant is federated, your Identity provider MUST support WS-Fed and WS-Trust username/password endpoint. This can be version 1.3 or 2005. This protocol support is required to both join the device to Azure AD and sign in to the device with a password.
42-
43-
## Joining a device
44-
45-
**To join a Windows 10 device to Azure AD during FRX:**
46-
47-
1. When you turn on your new device and start the setup process, you should see the **Getting Ready** message. Follow the prompts to set up your device.
48-
1. Start by customizing your region and language. Then accept the Microsoft Software License Terms.
49-
50-
<!--![Customize for your region](./media/azuread-joined-devices-frx/01.png)-->
26+
To Azure AD join a Windows device, the device registration service must be configured to enable you to register devices. For more information about prerequisites, see the article [How to: Plan your Azure AD join implementation](azureadjoin-plan.md).
5127

52-
1. Select the network you want to use for connecting to the Internet.
53-
1. Click **This device belongs to my organization**.
28+
> [!TIP]
29+
> Windows Home Editions do not support Azure AD join. These editions can still access many of the benefits by using [Azure AD registration](concept-azure-ad-register.md).
30+
>
31+
> For information about how complete Azure AD registration on a Windows device see the support article [Register your personal device on your work or school network](https://support.microsoft.com/account-billing/register-your-personal-device-on-your-work-or-school-network-8803dd61-a613-45e3-ae6c-bd1ab25bf8a8).
5432
55-
<!--![Who owns this PC screen](./media/azuread-joined-devices-frx/02.png)-->
33+
## Join a new Windows 11 device to Azure AD
5634

57-
1. Enter the credentials that were provided to you by your organization, and then click **Sign in**.
35+
Your device may restart several times as part of the setup process. Your device must be connected to the Internet to complete Azure AD join.
5836

59-
<!--![Sign-in screen](./media/azuread-joined-devices-frx/03.png)-->
37+
1. Turn on your new device and start the setup process. Follow the prompts to set up your device.
38+
1. When prompted **How would you like to set up this device?**, select **Set up for work or school**.
39+
:::image type="content" source="media/azuread-joined-devices-frx/windows-11-first-run-experience-work-or-school.png" alt-text="Screenshot of Windows 11 out-of-box experience showing the option to set up for work or school.":::
40+
1. On the **Let's set things up for your work or school** page, provide the credentials that your organization provided.
41+
1. Optionally you can choose to **Sign in with a security key** if one was provided to you.
42+
1. If your organization requires it, you may be prompted to perform multifactor authentication.
43+
:::image type="content" source="media/azuread-joined-devices-frx/windows-11-first-run-experience-device-sign-in-info.png" alt-text="Screenshot of Windows 11 out-of-box experience showing the sign-in experience.":::
44+
1. Continue to follow the prompts to set up your device.
45+
1. Azure AD checks if an enrollment in mobile device management is required and starts the process.
46+
1. Windows registers the device in the organization’s directory in Azure AD and enrolls it in mobile device management, if applicable.
47+
1. If you sign in with a managed user account, Windows takes you to the desktop through the automatic sign-in process. Federated users are directed to the Windows sign-in screen to enter your credentials.
48+
:::image type="content" source="media/azuread-joined-devices-frx/windows-11-first-run-experience-complete-automatic-sign-in-desktop.png" alt-text="Screenshot of Windows 11 at the desktop after first run experience Azure AD joined.":::
6049

61-
1. Your device locates a matching tenant in Azure AD. If you are in a federated domain, you are redirected to your on-premises Secure Token Service (STS) server, for example, Active Directory Federation Services (AD FS).
62-
1. If you are a user in a non-federated domain, enter your credentials directly on the Azure AD-hosted page.
63-
1. You are prompted for a multi-factor authentication challenge.
64-
1. Azure AD checks whether an enrollment in mobile device management is required.
65-
1. Windows registers the device in the organization’s directory in Azure AD and enrolls it in mobile device management, if applicable.
66-
1. If you are:
67-
- A managed user, Windows takes you to the desktop through the automatic sign-in process.
68-
- A federated user, you are directed to the Windows sign-in screen to enter your credentials.
50+
For more information about the out-of-box experience, see the support article [Join your work device to your work or school network](https://support.microsoft.com/account-billing/join-your-work-device-to-your-work-or-school-network-ef4d6adb-5095-4e51-829e-5457430f3973).
6951

7052
## Verification
7153

72-
To verify whether a device is joined to your Azure AD, review the **Access work or school** dialog on your Windows device. The dialog should indicate that you are connected to your Azure AD directory.
54+
To verify whether a device is joined to your Azure AD, review the **Access work or school** dialog on your Windows device found in **Settings** > **Accounts**. The dialog should indicate that you're connected to Azure AD, and provides information about areas managed by your IT staff.
7355

74-
![Access work or school](./media/azuread-joined-devices-frx/13.png)
56+
:::image type="content" source="media/azuread-joined-devices-frx/windows-11-access-work-or-school.png" alt-text="Screenshot of Windows 11 Settings app showing current connection to Azure AD.":::
7557

7658
## Next steps
7759

78-
- For more information, see the [introduction to device management in Azure Active Directory](overview.md).
7960
- For more information about managing devices in the Azure AD portal, see [managing devices using the Azure portal](device-management-azure-portal.md).
61+
- [What is Microsoft Intune?](/mem/intune/fundamentals/what-is-intune)
62+
- [Overview of Windows Autopilot](/mem/autopilot/windows-autopilot)
63+
- [Passwordless authentication options for Azure Active Directory](../authentication/concept-authentication-passwordless.md)

articles/active-directory/devices/index.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ metadata:
1212
ms.topic: landing-page
1313
author: MicrosoftGuyJFlo
1414
ms.author: joflore
15-
ms.date: 08/20/2019
15+
ms.date: 08/31/2022
1616
ms.collection: M365-identity-device-management
1717

1818
# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | whats-new
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.

0 commit comments

Comments
 (0)