This article provides answers to frequently asked questions about Hybrid Active Directory (AD) Join with Okta as the Federation Provider.
- Microsoft Entra ID / Azure Active Directory (AAD)
- Hybrid Join
Table of Contents
- Do I need to do anything in Okta for Sync Join to work?
- How do I test Sync Join?
- Do features like Windows Hello and AutoPilot work with Sync Join?
- Do I need any AAD premium features like Device Writeback for this to work?
Do I need to do anything in Okta for Sync Join to work?
No.
-
Upgrade the Windows 10 device to v.1803 or above.
-
Refer to Configure Microsoft Entra hybrid join. There is no need to update any claims in steps 9 & 10 of this configuration. Just click Configure > Exit.
-
Deploy GPO to enable Hybrid Join on the device. Once the group policy is set, the device will be hybrid joined on the next Entra ID / AAD Connect sync cycle.
Do features like Windows Hello and AutoPilot work with Sync Join?
Yes. All devices that are joined using “sync join” method will achieve Hybrid Join status which will satisfy the pre-requisites that a lot of Microsoft features like Windows Hello and AutoPilot have.
Do I need any AAD premium features like Device Writeback for this to work?
No
