Since Microsoft has introduced Azure Active Directory, the plan was to expand the cloud service up to build a big ecosystem in order to have an integration with the other platforms and the on-premise world.
The new Azure Active Directory Connect allows to synchronize not only users and groups but also devices to and from Azure. Windows 10 introduce a new feature called Azure AD Join, a way to link your device to Microsoft Azure with the corporate credentials.
A scenario could be this: an employee buy a new computer and he wants the classic configuration to manage corporate’s services. If the employee is far from us, is not easy do this with Azure AD and Microsoft Intune is possible manage remote users and create advanced policies to configure and edit some settings.
So, let see how to configure Azure AD and how to join Windows 10.
The first step is enable the Remote Join from your Microsoft Azure Portal, as showed in figure 1.
In Windows 10 is possible join your computer at the end of installation, figure 2, or when you want from the Control Panel (the new one).
Insert your corporate credentials, figure 3, and wait the authentication.
With Windows 10 is possible use a PIN, figure 4, during logon but also to buy app from Windows Store Business and to start corporate apps managed via Intune or System Center Configuration Manager.
After validation you will be able to logon with corporate credentials and your computer will be insert into user’s devices list, on Azure, as showed in figure 5.
In the next months will be possible synchronize devices joined on Azure, directly on your local AD with Azure AD Connect thanks the Device Writeback rule. Remember that you can manage Windows 10 with Microsoft Intune but also with System Center Configuration Manager.
For more information about EMS, read this link: http://blogs.technet.com/b/ad/archive/2015/06/12/azure-ad-microsoft-intune-and-windows-10-using-the-cloud-to-modernize-enterprise-mobility.aspx