Be the first to hear the latest EUC news. Enter your email to join.

Azure AD Join with VMware Workspace ONE

Ben Siler

Author: Ben Siler

Ben Siler is a product manager for VMware End-User Computing (EUC).

Share This Post On

Secure, timely support for remote Windows users can be tricky.

Imagine your top remote sales rep breaks her laptop before an onsite meeting with a vital client. Does she have time to wait for IT to grab a new laptop, Domain Join it for secure access to corporate resources and then ship it out? Even if there is time, she’ll worry about her meeting, and you’ll get plenty of requests for updates.

Instead, imagine that your rep simply stops by a nearby store for a new laptop. She self-enrolls into your Azure Active Directory (AD) domain using the Windows 10 Getting Started wizard. Her device is automatically protected with VMware Workspace ONE enterprise mobility management (EMM) policies.

When you combine Azure AD Domain Join with the best-in-class Windows 10 management of Workspace ONE, you can ensure security and control over end-user access to resources—even from devices that never touch your internal corporate network.

Azure Active Directory + Workspace ONE

Azure AD Join automatically protects Windows 10 with Workspace ONE EMM policies.

Secure Azure AD Join with Workspace ONE

Workspace ONE integrates with Azure AD Join to protect remote Windows 10 machines with enterprise mobility policies powered by VMware AirWatch. When an end user follows the Windows 10 setup wizard to join his or her device to your Azure AD instance, Azure AD can automatically enroll the device into Workspace ONE for management.

If you have devices that won’t consistently contact your corporate network, or if you have temporary users such as students or contractors, offering Azure AD Join to your users gives them the following benefits:

  • Easy access to their corporate resources through device enrollment into Workspace ONE;
  • Enterprise-class device security through Workspace ONE EMM;
  • User settings that follow them as they log into different domain-joined devices;
  • Strong but simple authentication with support for biometrics, such as face recognition using Windows Hello for Business and
  • Access to the Windows Store for Business using work or school accounts.

You can find full details on the benefits and prerequisites of Azure AD Join on Microsoft’s site.

Join-Azure-AD

Users can choose to Azure AD Join their device from the Windows 10 Getting Started Wizard.

Use Cases for Azure AD Join

Azure AD Join makes Windows 10 management easier than traditional AD Domain Join when you’re working with devices that may not connect to your corporate network or with temporary users (for more information, see this article outlining the pros and cons of Azure AD Join). Common use cases include the following:

  • Remote device registration: Some organizations ship Windows 10 devices to remote employees. If you set up Azure AD domain join, your users can easily join their devices to your domain as part of the Windows 10 setup wizard.
  • Temporary domain membership: If your organization employs temporary workers, such as contractors, or temporary users, such as students, you may choose to domain join them through Azure AD to take advantage of the self-service domain join as part of Windows 10 setup.

Workspace ONE, Azure AD and Office 365

Workspace ONE provides the industry-leading EMM you need to keep your devices and users safe. Learn more about how Workspace ONE protects valuable resources such as Microsoft Office 365, while providing end users with consumer-level ease of use. Visit vmware.com/products/workspace-one, or contact your VMware account representative for more details.

468 ad