Introduction to device management in Azure Active Directory:
https://docs.microsoft.com/fr-fr/azure/active-directory/devices/overview
As a rule of a thumb, you should use:
- Azure AD registered devices:
- For personal devices
- To manually register devices with Azure AD
- Azure AD joined devices:
- For devices that are owned by your organization
- For devices that are not joined to an on-premises AD
- To manually register devices with Azure AD
- To change the local state of a device
- Hybrid Azure AD joined devices for devices that are joined to an on-premises AD
- For devices that are owned by your organization
- For devices that are joined to an on-premises AD
- To automatically register devices with Azure AD
- To change the local state of a device
How to Setup: https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan
Azure AD registered devices:
Hybrid Azure AD joined devices:
To configure Hybrid Azure AD joined devices, kindly visit the link:
https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-manual-steps
Azure AD joined devices:
Azure AD Join vs Azure AD Device Registration:
https://blogs.technet.microsoft.com/trejo/2016/04/09/azure-ad-join-vs-azure-ad-device-registration/
Manage devices:
Device management tasks:
Configure On-Premises Conditional Access using registered devices:
Very interesting article about BYOD and impact with different options and CAPs
Securing BYOD – The different options when signing in to M365 Apps
Jacques Dalbera's IT world 