Azure Active Directory and Windows 10: Microsoft’s Hybrid Vision

Azure Active Directory and Windows 10: Microsoft’s Hybrid Vision

As more and more companies make the transition from On-Premise to the Cloud, Microsoft believes that there will be a phase where companies run both data centers in parallel.  Microsoft believes that this Hybrid state will last for approximately 10 years.  Beyond these years most workloads will be in the cloud.

How can organisations manage users and devices from a single source of truth?  Microsoft has assisted with this Hybrid state allowing companies to administer cloud users, all with the assistance of Azure ADConnect. Today we are in a Cloud First era, if Cloud is not supported why not?

The days of imaging devices and adding them domains maybe coming to an end.  Companies will soon be able to manage Windows 10 (slated for first update) by simply joining them to Azure AD, with Azure AD Join.

This will be compatible with Microsoft Intune. Users will get a single sign on experience from their on premise applications, device and their cloud applications. This will be the start of large organisational process changes and is important as companies look to manage the plethora of mobile devices.  If your next device refresh is the same as your last one, it may be an outdated solution.

Let’s go for a test!  I installed Windows 10 build 10074 with Hyper-V on my laptop with 1.5 gig ram allocated (works, but definently needs resources), after installing I was presented with this screen


Here you can click Express or Custom, this just changes your Feedback and other experience related settings, then I got a loading screen


Then I selected “This Device Belongs to my Company”


I clicked continue make sure you read this screen first


Then I typed in my username and password


I got my password wrong first time, but this error gave me something interesting, my Azure AD branding that I configured at TechEd Australia last year came through.


Then I got this screen, after 10 minutes watching the circle I went got a coffee then played with my phone.


Then I got this log in screen


Logging in


Then this error.  Not sure if it was a VM, network or ram issue.


I selected Try Again and it worked immediately.  Please note the default PIN complexity requirements.  This pin may now automatically work across several different devices.


But what does this mean and what has happen to my machine?  It is not on a domain, but if you check the sysinfo it says my logon server is \\AzureAD.

Edit:  I tested SSO for Office 365 and Azure as suggested by Alex Simons.  I could only get Azure SSO to work.  With Office 365 each time I tried to enter the URL it would redirect back to Office 365 login page.

I am sure in the coming months we will see more features and capabilities added.  Keep a look out for more on this topic at this year TechEd’s, Ignite and Build events around the world.


The key benefits and capabilities of Azure Active Directory and Windows 10:

  • Consistent user experience.
  • Single Sign on
  • Automatic Enrollment
  • Support modern form factors – devices that don’t have domain join functions.

This feature has huge potential so it is good to start planning any organisational transformations before Windows 10 goes GA.

Look at the following comment from Deniz regarding this new feature”Works great, well done, already started planning to decommission all onprem servers including ADs and work with AzureAD only with a fileserver vm in Azure.”

To get started refer to the following article:

Post by Alex Simons and Ariel Gordon

And follow these twitter handles

@aaronw2003  @Alex_A_Simons @askariel

To start planning for your business transformation you can deploy and test these features all from within your Microsoft Azure subscription and a VM.  If you don’t have an Microsoft Azure subscription you can take a trial here.

Aaron Whittaker @AaronW2003

profile pic


Great post on Windows 2012 R2 from TechEd US

This post is quiet handy as it has links to the videos on different topics, without having to watch the session from start to finish.

Cant attend TechEd? Register for the 20th September session

Come to the BNEHyper-V UserGroup for a Tech Special Session, presented by James Crawshaw TSP from Microsoft.

James will be presenting and demonstrating based on his sessions from TechEd.  Come see live demos on VMMT and Hyper-V replica.

TechEd Session Extract- Hyper-V Replica offers an affordable DR solution for virtualized workloads. It is included with Hyper-V, works with commodity storage, and has an inbox UI to set up standard DR flows. It also has a rich API surface (PowerShell and WMI) which provides extensibility for management partners (e.g., extend the inbox UI to an enterprise-grade DR solution) and hosting service providers (e.g., offer DR as a service).

Register Here

TechEd Requests

For those that cannot make it to TechEd 2012, here are the topics below.

  • Hyper-V Replica;
  • Hyper-V Live Storage Migration;
  • Hyper-V Extensible Switch;
  • Hyper-V Copy;
  • Networking including native NIC teaming and network virtualisation;
  • New virtual hard disk format;
  • Microsoft VDI.

Please comment to request which topic you would prefer to see at the next session.  Hopefully at TechEd I can arrange a presentation for an up coming user group!

First Session was a huge success!

With so much great new content to cover relating to Hyper-V 3.0 and the new features, it was going to be hard to get Reid Purvis from Microsoft to stop and take a breath.  Reid was very passionate and just scratched the surface, with many more sessions to follow!  The audience was engaged and had many great questions regarding the highly anticipated Windows Server 2012 with Hyper-V 3.0.  The first session demonstrated machine migrations.

Thanks to Reid coming all the way from Sydney to present.  Reid put on a great session and the demo gods were kind!  Next session will hopefully be a Tech Ed related presentation.  More to follow in coming months stay tuned!  Reid’s presentation can be found here.