Microsoft are introducing Azure Active Directory (AAD) support in Windows 10 to “bring the cloud to enterprise desktops”. AAD support provides a number of benefits, including:
– Self-provisioning and MDM auto enrolment of corporate devices
– Single sign-on to company resources such as Office 365 and SharePoint
– Support for modern devices that cannot be domain joined
– Enterprise ready Windows Store supporting application licensing through AAD
AAD support is currently available in the latest release of the Windows 10 Insider Preview so let’s take a look at the new first run wizard. Note that the look and feel demonstrated here is how it currently appears in the Insider Preview and will be updated in the final release.
On first boot, we are presented with the following options.
Selecting ‘This device belongs to my company’ allows users to enter Office 365 credentials whereas ‘This device belongs to me’ allows users to enter Microsoft Account credentials or create a local account.
When ‘This device belongs to my company’ is selected, users are given a heads up that the device will be enrolled with their organisation. Additionally it advises not to join the machine to a domain otherwise they won’t be able to sign in.
After selecting continue, users can sign in using their AAD credentials
Entering my email@example.com AAD account takes me to our TD sign-in page
After successfully authenticating, my Windows 10 device is enrolled and company policies are applied.
After this process completes, I am presented with the Windows logon screen. I can now login to my Windows 10 device using my AAD credentials.
Running a ‘whoami’ shows that I’ve logged in with AAD credentials. Additionally my domain is now AzureAD (notice how PowerShell is now highlighting syntax!)
Stay tuned to more updates on Windows 10 as we get closer to the final release.
**If you would like to speak to TD about Windows 10 or other Microsoft technology, [contact us here](http://www.thomasduryea.com.au/contact/).**