谁能帮助我做我应该做的事情? - Azure AD,ADDS,Intune,Hybrid,Domain加入 [英] Who can help me with what I should do? - Azure AD, ADDS, Intune, Hybrid, Domain joined
问题描述
下午好,亲爱的系统经理,
我要求您提供有关Azure和ADDS的专业知识和清晰视图。我最近加入了一家公司,他们给我的工作是找出Azure的工作原理,因为他们刚刚安装了Azure的一些功能,并没有真正检查这些功能是否需要
。现在,他们已经安装了以下功能:
- 具有域控制器的公司网络以及在Active Directory域服务(ADDS)中放置在公司网络中的所有VM。
- 与ADDS同步的Azure Active Directory(AAD)。
- Intune,已安装ADDS连接器和配置的自动驾驶仪。
现在他们让我让自动驾驶器(来自intune)运行新设备,自动加入ADDS域,这样当他们点击@this PC时,他们将看不到工作组,但是在公司的域中。
所以我认为它们是错误的并且不理解Azure和Intune的要点,因为如果你使用Intune并使用自动驾驶,你将永远留在工作组但域加入@systeminfo :
我们遇到了很多问题:人们加入了公司的ADDS域,并且在自动驾驶配置之后推动了组策略的启动。然后他们无法连接某些路径。此外,许多程序将在符号
之后通过GPO安装。然后它们仍然连接到Intune,但公司门户变得不可用并说"您的设备已连接到域"。发生了奇怪的问题,安装新的笔记本电脑从未像现在这样困难。
---------------------- -----------------------------------------
现在,我想知道:如何结合上面描述的当前功能,为我们创造理想的情况,我们可以:b
- 保持我们的ADDS连接所有设备和服务器,并能够将VM缓慢迁移到云端。
- 为用户提供仍在未打开的盒子中的设备并自动安装所有软件在开发人员(用户)所需的第一次启动时
- 能够将设备缓慢迁移到Azure Active Directory
- 仍然使用我们的所有驱动器映射,我们的用户在哪里工作
我想知道我应该怎么做?什么"功能"(来自微软的服务)我应该建议他们使用组合来使所有内容顺利运行并提供上述可能性?
请原谅我的英语不好,提前谢谢! :)
根据您的描述,我会将它们引用到新文章 -
使用Intune和Windows自动驾驶仪(预览)部署混合的Azure AD加入设备
Good afternoon dear system managers,
I am asking for your specialized knowledge and clear view on Azure and ADDS. I recently joined a company and they gave me the job to find out how Azure works, since they have just installed some functions of Azure and didn't really check if those functions were necessary. Now they have installed the following functions:
- A company network with domain controllers and all VM's put up in the company's network in Active Directory Domain Services(ADDS).
- An Azure Active Directory(AAD) synchronized with the ADDS.
- Intune with an installed connector to the ADDS and a configured autopilot.
Now they ask me to let new devices run by autopilot(from intune), automatically join the ADDS domain so when they richt click @this PC they won't see workgroup, but in the company's domain.
So I think they are mistaken and do not understand the point of Azure and Intune, because if you use Intune, and use autopilot, you will always stay in a workgroup but domain joined @ systeminfo:
We get a lot of problems: People join the company's ADDS domain and group policy's are pushed on startup after the autopilot configuration. Then they cannot connect with certain paths. Also a lot of programms will be installed through GPO's after a sign in. Then they are still connected into Intune, but the company portal becomes unavailable and says 'Your device is already connected to a domain'. Strange problems occur and installing a new laptop was never so hard as it is now.
---------------------------------------------------------------
Now, what I would like to know: How to combine the current described functions above that would create an ideal situation for us where we can:
- Keep our ADDS with all devices and servers connected, and be able to slowly migrate VM's to the cloud.
- Give a user a device still within an unopened box and automatically install all software on the first startup that's necessary for the developers(users)
- Be able to slowly migrate devices to the Azure Active Directory
- Use still all our drive mappings, where our users work on
I would like to know what I should do? What 'functions'(services from microsoft) should I advise them to use combined to get it all running smoothly with the possibilties above provided?
Excuse me for my bad english, thanks in advance! :)
Based on your description I would refer them to the new article - Deploy hybrid Azure AD-joined devices by using Intune and Windows Autopilot (Preview)
These features are still in preview and I am not sure the exact scenario you described is possible.
这篇关于谁能帮助我做我应该做的事情? - Azure AD,ADDS,Intune,Hybrid,Domain加入的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
