daknetworks.com


Azure AD Joined

Let's say that you have a new system in a remote location. The local staff opens the box, powers the system on and logs into the system with their 365 credentials. During that process, that system has become Azure AD Joined.

Systems cannot be both Azure AD joined and Local AD joined.

So, if you have a local AD and try to join the system to the local AD, an error message will show that joining the local AD cannot be done until it is no longer Azure AD Joined.

You can do this one by one, but you're not just tech support... you are a system administrator!

We need to do this with some type of shell command (command shell or PowerShell).

See if the system is joined to Azure AD or Local AD:

dsregcmd.exe /status

If it is Azure AD joined, leave the Azure AD:

dsregcmd /debug /leave
shutdown -r -t 3

After reboot, you can join the system to the Local AD:

For a single system:

Add-Computer -DomainName domain.tld -Credential domain.tld\firstname.lastname -Restart -Force

Or to automate a group of systems:

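$domain = "domain.tld"
# Account with domain-joining privileges (could be an admin account or an account set up to do just this task).
$username = "domain.tld\foo.user.with.joining.privileges"
# The password sits in plaintext in this script, so anyone who can read the file can read it.
$password = "password-here" | ConvertTo-SecureString -AsPlainText -Force
Start-Sleep -s 10
# Build the credential object that Add-Computer expects.
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
Start-Sleep -s 20
# Join the local AD domain, then reboot to complete the join.
Add-Computer -DomainName $domain -Credential $credential
Start-Sleep -s 10
Restart-Computer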
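
The steps above (check the join state, leave Azure AD, reboot, join the local AD) can be driven by the output of dsregcmd /status rather than checked by eye. The following is an added example, not code from the original post; the function names Get-JoinState, Get-NextStep and Invoke-NextStep and the sample status lines are constructed for illustration.

```powershell
# Added example: decide the next step from `dsregcmd /status` output.
function Get-JoinState {
    param([string[]]$StatusLines)
    $state = @{}
    foreach ($line in $StatusLines) {
        # Status lines look like "    AzureAdJoined : YES"
        if ($line -match '^\s*(AzureAdJoined|DomainJoined)\s*:\s*(\S+)') {
            $state[$Matches[1]] = ($Matches[2] -eq 'YES')
        }
    }
    [pscustomobject]@{
        AzureAdJoined = [bool]$state['AzureAdJoined']
        DomainJoined  = [bool]$state['DomainJoined']
    }
}

function Get-NextStep {
    param($JoinState)
    if ($JoinState.DomainJoined)  { return 'None' }          # already on the local AD
    if ($JoinState.AzureAdJoined) { return 'LeaveAzureAd' }  # must leave and reboot first
    return 'JoinLocalAd'
}

function Invoke-NextStep {
    param([string]$Domain, [pscredential]$Credential)
    switch (Get-NextStep (Get-JoinState (dsregcmd.exe /status))) {
        'LeaveAzureAd' { dsregcmd.exe /debug /leave; Restart-Computer -Force }
        'JoinLocalAd'  { Add-Computer -DomainName $Domain -Credential $Credential -Restart -Force }
        'None'         { Write-Output 'Already joined to a local AD domain; nothing to do.' }
    }
}

# Constructed sample of the relevant status lines, so the parsing can be tried offline.
$sample = @(
    '             AzureAdJoined : YES',
    '          EnterpriseJoined : NO',
    '              DomainJoined : NO'
)
Get-NextStep (Get-JoinState $sample)

# On a real system, run elevated. Get-Credential prompts instead of storing a password:
# Invoke-NextStep -Domain 'domain.tld' -Credential (Get-Credential)
```

Because leaving Azure AD needs a reboot before the join, Invoke-NextStep has to be run once more after the restart.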
