How to Join Windows 10 Machines to Domain or Azure AD

Latest Article on Manual Azure AD Join is

Windows 10 RTM is now available for download more details here. I’ve loads of Windows 10 related posts here. In this post, we’ll cover the process of Windows 10 AAD join and Classic Domain Join !!

Also, we will come to know How to enroll Windows 10 machine to Microsoft Intune. We can still use the old method control panel system properties to join a Windows 10 machine to the domain.

However the wizard is changed a bit if you compare it with Windows 7. Domain join is old classical way of joining your Windows 10 machine into your Work domain. So what is the newest trend of Domain join 🙂 It’s AAD join, Azure Active Directory join (AAD is SaaS solution by Microsoft for identity management). When your organization has an Azure AD subscription and MDM solution like Intune then you can join your modern Windows 10 devices to AAD.

Windows 10 RTM - Azure AD Join - 8

When you start the process of Azure AD join with Windows 10, there are two ways to achieve this. First, you can go to Settings –> Accounts –> Work Access and click on Join or Leave Azure AD link. Another way is to go to Settings –> System –> About and join Windows 10 machine to Azure AD from there.

Windows 10 RTM - Azure AD Join -1

When you click on the link (Join or Leave Azure AD) as mentioned in the above step, it will take you to Windows 10 Settings–>System–>About page. From about page you can change the Windows 10 machine name before joining Azure AD by clicking on Rename PC (Windows 10 PC). To join your organizations Azure AD, click on Join Azure AD button.

Windows 10 RTM - Azure AD Join -2

On this page, you need to provide Work or School ID which is used for Office 365 or any other Microsoft cloud or business solutions. I’ve entered my cloud ID (Azure AD user ID) and password and clicked on Sign in button.

Windows 10 RTM - Azure AD Join -3

When your organization has enabled multi factor authentication (MFA) on Azure AD then you will receive a verification call on your mobile number and you need to answer that call and press # to complete the authentication process. If MFA is not enabled then Azure AD join wizard will ask you to check and confirm your organizations name and details. Once you are sure about the organization Azure AD domain you wanted to join click on JOIN button as you see in the below screen.

Windows 10 RTM - Azure AD Join -5

Now, the Windows 10 machine will connect to Azure AD and complete the authentication and AAD join process. This may take some time depends on your internet speed. Windows 10 RTM - Azure AD Join -6

All finished now. 🙂 Windows 10 machine has joined to Azure AD. Click on finish to complete the process. You can have auto enrollment enabled for Microsoft Intune when machines join to Azure AD in that way there is no need to search in Windows store for Microsoft Intune company portal and install – enroll it 🙂Windows 10 RTM - Azure AD Join - 7

To confirm Azure AD join,  you can go to Settings –> Accounts –> Work Access and confirm whether your organization name is showing up there or not. You can click on that button and check the Azure AD sync details whether policies are getting synced or not.

Windows 10 RTM - Azure AD Join - 9

How to enroll Windows 10 machine to Microsoft Intune?

When you have set auto enrollment for your organization AAD tenant then all the devices which are joined to AAD will automatically enrolled to Microsoft Intune. You don’t have to separately install Intune company portal from the Windows store and enroll the devices. As you can see in the following screen capture, my surface is enrolled to Intune automatically 🙂 and the device type is detected as Mobile. More details about auto enrollment features are explained in the post hereWindows 10 RTM - Azure AD Join - 11

How to Perform Windows 10 Domain Join ? 

Domain join is old classical way of joining your Windows 10 machine to your Work domain. Go to control panel – system properties and click on change settings.

Windows 10 RTM Domain Join-2

On system properties window, click on Network ID to join Windows 10 machine to a domain. The Windows 10 domain wizard is changed a bit. On the second windows, Join a Domain or Workplace – select one of the option that describes your network. Either select “This computer is part of a business network I use to connect to other computer” or “This is a home computer; it’s not part of a business network“. Select 1st option if you want Windows 10 machine to a domain. Select 2nd option if you want Windows 10 machine to workplace.

Windows 10 RTM Domain Join-1

How to Rename Windows 10 machine and How to perform Domain Join for Windows 10 machine


Sharing is caring!

20 thoughts on “How to Join Windows 10 Machines to Domain or Azure AD”

  1. I’ve joined AD on some devices and had to reset one of them, so now the connection is lost… Only problem is: this happened to be the only user on this device, I can’t log on any more… Any ideas about what I could do??

  2. Anoop, I have the same issue that Greg has mentioned above. Is there a solution to this or do we join using the classical way of joining the domain ?

      • I may have found out the issue. I tried to login with the ID I have in our Azure AD account and told me there was a problem. I have not setup the MDM yet and it tells me that in the error on why I’m not connecting. If after I get everything setup and have an issue, I’ll reach out. Thank you.

  3. Anoop,

    This article was helpful but do have a challenge for you. When I set up a new machine recently I joined it to an Azure AD, but now actually need to join it to a domain. It does not appear the two can co-exist as when I try and join it to a domain, it wants me to disconnect from the Azure AD. However, when I try to disconnect from the Azure AD it wants alternate account info on the local machine. So would love some ideas as to how to get it connected to the domain and get it off Azure AD (or have both).

    Thanks in advance!

    • Jeremy – I have not seen any requirement yet to have a device joined to On Prem Domain as well as Azure AD. Why do think, you need both?

      If you have Azure AD connect syncing all identities from on prem AD to Azure AD, then that on prem AD is called Hybrid AD.

      Hybrid AD join is similar to both Azure AD join as well as domain join. But it’s not same. From a functionality perspective, you can perform Azure AD authentication with Hybrid Domain join machines.

      Yeah it’s normal that you need to have local account before disconnecting from Azure AD otherwise you won’t be able to login to Windows 10 machine.

      Does that make sense?

  4. Hello Anoop,

    I have had a very mixed experience. One machine presented the option to join to Azure AD on the build from OEM 10 Pro boot up. The problem was that this machine could see our entire domain. Yet our Domain could not see this Azure AD connected machine. My second laptop did present an option to join Azure AD out of the box. I eventually found a link in the settings to join. However, the machine never changed from OEM Pro to Enterprise Subscription. I hope that you can shed some light on this.


    • Hi David – Can you explain a bit about “the machine could see our entire domain” and “Domain could not see this Azure AD connected machine”. What does that mean? You can’t see the Windows 10 machine in Azure AD portal or You can’t see the machine record in On Prem Domain? Or is this related to something else. There are couple of things here. 1. Do you have Hybrid Domain or AD (more details about the Hybrid AD in the above comment?) 2. Did you assigned Windows 10 enterprise license to that user from Azure AD? This is required to get the activation and conversion from Pro to Enterprise SKU of Windows.

  5. Hi Anoop

    I have a question , all the enrollment points back to OOBE or adding account manually. I have domain joined machines all windows 10 updated to latest OS, how i can i enroll all the devices to Intune.



Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.