close
How to Register Windows 10 with Azure Active Directory
Registering Windows 10 devices with an identity provider, like Azure Active Directory, is an important part of including endpoints in the Zero Trust security model.
In this article, I’m going to show you how to register Windows 10 with Azure Active Directory. You will 1) register a Windows 10 device with Azure Active Directory using the Settings app in Windows 10 and then 2) check that the device successfully registered using the Microsoft Endpoint Manager portal.
advertisment
Protecting Data and Devices using Identity
Your organization’s data is accessed by different devices, like laptops, tablets, iOS and Android mobiles. And even IoT devices. The devices may be corporate owned or personal. And users may be located within the corporate network or outside it. Under these circumstances, it is imperative to first know which devices are accessing your organization’s data and then to devise a security plan to manage it.
The security landscape is changing quickly as more and more users are working remotely and using their own devices. Without a robust security model to handle this predicament, endpoints can easily become the weakest link in your organization’s security.
Microsoft’s identity-centric Zero Trust solution requires that every user accessing an application must be verified. Zero Trust requires that all requests for access, regardless of where they originate, must be verified as if they come from an untrusted network.
All endpoints must be registered with a cloud identity provider
All devices must be registered with a single cloud identity provider, like Azure Active Directory (AD). The advantages of this approach are that it provides a centralized location to manage all your security policies, view devices, associated risks, and compliance status.
advertisment
Devices registered with Azure AD are usually Bring Your Own Device (BYOD). Registration is supported not just on Windows 10 but also iOS, Android, and macOS. But when you join a Windows 10 device to AAD, users sign in to Windows using their organizational work or school account from the lock screen, either using a password, Windows Hello for Business, or FIDO2.0 security keys. It’s important to understand the difference between register and join when talking about Azure AD.
Register corporate devices with Azure Active Directory
Let’s take a look at the steps required to register a Windows 10 device with Azure AD.
- In Windows 10, access the Accounts section in Settings.
Access the Accounts section in the Windows 10 Settings app
advertisment
2. Click Access work or school, and then select Connect, and enter your email address and password.
Click Access work or school, and then select Connect, and enter your email address and password.
Registration will take a few moments. In the image below, you can see that registration is complete.
Complete registration.
Now access the Microsoft Endpoint Manager (MEM) portal, and check the devices registered for the user. You should be able to confirm if the device was registered successfully.
Check the devices registered for the user.
And that is it! In a follow-up article, I will show you how to join a Windows 10 device to Azure Active Directory.
More from Vignesh Mudliar
More in Security
Microsoft Releases Patches to Address Azure FabricScape Flaw Affecting Linux Workloads
Jun 29, 2022 | Rabia Noureen
Microsoft Defender for Identity Can Now Detect Insecure Domain Configurations
Jun 27, 2022 | Rabia Noureen
QNAP Releases Patch to Fix PHP Security Flaw Affecting Select NAS Devices
Jun 23, 2022 | Rabia Noureen
Microsoft Unveils New Edge Secured-Core IoT Devices to Block Firmware Attacks
Jun 22, 2022 | Rabia Noureen
Most popular on petri