-->
Bringing your devices to Azure AD maximizes user productivity through single sign-on (SSO) across your cloud and on-premises resources. You can secure access to your resources with Conditional Access at the same time.
An operating system is a fundamental software that allows a computer to operate. As a newly formed company, Microsoft's first operating system product to be publicly released was a version of Unix called Xenix, released in 1980. Xenix was later used as the basis for Microsoft's first word processor Multi-Tool Word, a predecessor to Microsoft Word. Founded in 1975 by Paul Allen and Bill Gates, Microsoft Corporation is one of the largest and most influential companies in the personal computer industry. In addition to developing the de facto standard operating systems — DOS and Windows — Microsoft has a strong presence in almost every area of computer software, from programming tools to end-user applications. Surface Laptop 4 also includes Microsoft's excellent front-facing web camera, 1x USB-A port, a 3.5mm headphone jack, and a USB-C port in addition to the Surface Connect port for charging.
Prerequisites
By mid-1995, Microsoft released its first version of Internet Explorer. In 1998, Windows 98 was introduced as the first software for personal computer usage. It included system-restore applications and the ability to record, play, and share digital music and movies with Microsoft Windows Media Player 7. Microsoft Corporation is an American multinational technology corporation which produces computer software, consumer electronics, personal computers, and related services. Its best-known software products are the Microsoft Windows line of operating systems, the Microsoft Office suite, and the Internet Explorer and Edge web browsers.
- Azure AD Connect version 1.1.819.0 or later.
- Don't exclude the default device attributes from your Azure AD Connect sync configuration. To learn more about default device attributes synced to Azure AD, see Attributes synchronized by Azure AD Connect.
- If the computer objects of the devices you want to be hybrid Azure AD joined belong to specific organizational units (OUs), configure the correct OUs to sync in Azure AD Connect. To learn more about how to sync computer objects by using Azure AD Connect, see Organizational unit–based filtering.
- Global administrator credentials for your Azure AD tenant.
- Enterprise administrator credentials for each of the on-premises Active Directory Domain Services forests.
- (For federated domains) At least Windows Server 2012 R2 with Active Directory Federation Services installed.
- Users can register their devices with Azure AD. More information about this setting can be found under the heading Configure device settings, in the article, Configure device settings.
Hybrid Azure AD join requires devices to have access to the following Microsoft resources from inside your organization's network:
https://enterpriseregistration.windows.net
https://login.microsoftonline.com
https://device.login.microsoftonline.com
https://autologon.microsoftazuread-sso.com
(If you use or plan to use seamless SSO)- Your organization's Security Token Service (STS) (For federated domains)
Warning
If your organization uses proxy servers that intercept SSL traffic for scenarios like data loss prevention or Azure AD tenant restrictions, ensure that traffic to these URLs are excluded from TLS break-and-inspect. Failure to exclude these URLs may cause interference with client certificate authentication, cause issues with device registration, and device-based Conditional Access.
If your organization requires access to the internet via an outbound proxy, you can use Web Proxy Auto-Discovery (WPAD) to enable Windows 10 computers for device registration with Azure AD. To address issues configuring and managing WPAD, see Troubleshooting Automatic Detection.
If you don't use WPAD, you can configure WinHTTP proxy settings on your computer with a Group Policy Object (GPO) beginning with Windows 10 1709. For more information, see WinHTTP Proxy Settings deployed by GPO.
Note
If you configure proxy settings on your computer by using WinHTTP settings, any computers that can't connect to the configured proxy will fail to connect to the internet.
If your organization requires access to the internet via an authenticated outbound proxy, make sure that your Windows 10 computers can successfully authenticate to the outbound proxy. Because Windows 10 computers run device registration by using machine context, configure outbound proxy authentication by using machine context. Follow up with your outbound proxy provider on the configuration requirements.
Verify devices can access the required Microsoft resources under the system account by using the Test Device Registration Connectivity script.
Managed domains
We think most organizations will deploy hybrid Azure AD join with managed domains. Managed domains use password hash sync (PHS) or pass-through authentication (PTA) with seamless single sign-on. Managed domain scenarios don't require configuring a federation server.
Note
Azure AD doesn't support smart cards or certificates in managed domains.
Configure hybrid Azure AD join by using Azure AD Connect for a managed domain:
- Start Azure AD Connect, and then select Configure.
- In Additional tasks, select Configure device options, and then select Next.
- In Overview, select Next.
- In Connect to Azure AD, enter the credentials of a global administrator for your Azure AD tenant.
- In Device options, select Configure Hybrid Azure AD join, and then select Next.
- In Device operating systems, select the operating systems that devices in your Active Directory environment use, and then select Next.
- In SCP configuration, for each forest where you want Azure AD Connect to configure the SCP, complete the following steps, and then select Next.
- Select the Forest.
- Select an Authentication Service.
- Select Add to enter the enterprise administrator credentials.
- In Ready to configure, select Configure.
- In Configuration complete, select Exit.
Federated domains
A federated environment should have an identity provider that supports the following requirements. If you have a federated environment using Active Directory Federation Services (AD FS), then the below requirements are already supported.
- WIAORMULTIAUTHN claim: This claim is required to do hybrid Azure AD join for Windows down-level devices.
- WS-Trust protocol: This protocol is required to authenticate Windows current hybrid Azure AD joined devices with Azure AD. When you're using AD FS, you need to enable the following WS-Trust endpoints:
/adfs/services/trust/2005/windowstransport
/adfs/services/trust/13/windowstransport
/adfs/services/trust/2005/usernamemixed
/adfs/services/trust/13/usernamemixed
/adfs/services/trust/2005/certificatemixed
/adfs/services/trust/13/certificatemixed
Warning
Both adfs/services/trust/2005/windowstransport and adfs/services/trust/13/windowstransport should be enabled as intranet facing endpoints only and must NOT be exposed as extranet facing endpoints through the Web Application Proxy. To learn more on how to disable WS-Trust Windows endpoints, see Disable WS-Trust Windows endpoints on the proxy. You can see what endpoints are enabled through the AD FS management console under Service > Endpoints.
Configure hybrid Azure AD join by using Azure AD Connect for a federated environment:
- Start Azure AD Connect, and then select Configure.
- On the Additional tasks page, select Configure device options, and then select Next.
- On the Overview page, select Next.
- On the Connect to Azure AD page, enter the credentials of a global administrator for your Azure AD tenant, and then select Next.
- On the Device options page, select Configure Hybrid Azure AD join, and then select Next.
- On the SCP page, complete the following steps, and then select Next:
- Select the forest.
- Select the authentication service. You must select AD FS server unless your organization has exclusively Windows 10 clients and you have configured computer/device sync, or your organization uses seamless SSO.
- Select Add to enter the enterprise administrator credentials.
- On the Device operating systems page, select the operating systems that the devices in your Active Directory environment use, and then select Next.
- On the Federation configuration page, enter the credentials of your AD FS administrator, and then select Next.
- On the Ready to configure page, select Configure.
- On the Configuration complete page, select Exit.
Federation caveats
With Windows 10 1803 or newer, if instantaneous hybrid Azure AD join for a federated environment using AD FS fails, we rely on Azure AD Connect to sync the computer object in Azure AD that's then used to complete the device registration for hybrid Azure AD join.
Other scenarios
Organizations can test hybrid Azure AD join on a subset of their environment before a full rollout. The steps to complete a targeted deployment can be found in the article Hybrid Azure AD join targeted deployment. Organizations should include a sample of users from varying roles and profiles in this pilot group. A targeted rollout will help identify any issues your plan may not have addressed before you enable for the entire organization.
Some organizations may not be able to use Azure AD Connect to configure AD FS. The steps to configure the claims manually can be found in the article Configure hybrid Azure Active Directory join manually.
Government cloud
For organizations in Azure Government, hybrid Azure AD join requires devices to have access to the following Microsoft resources from inside your organization's network:
https://enterpriseregistration.microsoftonline.us
https://login.microsoftonline.us
https://device.login.microsoftonline.us
https://autologon.microsoft.us
(If you use or plan to use seamless SSO)
Troubleshoot hybrid Azure AD join
If you experience issues with completing hybrid Azure AD join for domain-joined Windows devices, see:
Next steps
Microsoft is a leading global vendor of computer software; hardware for computer, mobile and gaming systems; and cloud services. Microsoft's corporate headquarters is located in Redmond, Wash., and it has offices in more than 60 countries.
Company origins
Microsoft's roots go back at least as far as 1975, when the first commercially available personal computer appeared on the cover of Popular Electronics magazine. The Altair 8800 was a rudimentary system, but it found a market for home-based computers and created a new demand for software to use with these systems.
Bill Gates and his friend Paul Allen immediately saw the potential. Gates contacted the manufacturer Micro Instrumentation and Telemetry Systems (MITS) and offered to write a program for the new computer. Gates and Allen created an interpreter for BASIC -- then a mainframe programming language -- to use with the Altair.
MITS hired Gates and Allen in 1975. But by 1976, they had left to devote more time to their own fledgling company, Microsoft, which they incorporated in 1981. The company went public in March 1986.
MS-DOS
Microsoft's major breakthrough occurred in 1981 when the company furnished an operating system for IBM's first major entry into personal computers. Called PC-DOS by IBM, Microsoft also marketed its own version, MS-DOS (Microsoft Disk Operating System). The early 1980s saw both IBM's and Microsoft's fortunes soar. Microsoft dominated the software market, just as IBM dominated the personal computer market. A PC -- other than one from Apple -- was commonly referred to as an 'IBM-compatible' clone; these clones featured microchips from Intel.
Windows OS
In 1983, Microsoft introduced its first Windows operating system, Windows 1.0, which was not released until November 1985. Heavily influenced by Apple's existing graphical user interface, Windows 1.0 was more user-friendly than the command-line interface of DOS, with menus that the user could access with a keyboard or mouse.
Microsoft has released a long succession of operating systems for home users, including Windows 3.0 in May 1990, Windows 95 in August 1995 (later updated to Windows 98), Windows XP in October 2001, Windows Vista in January 2007, Windows 7 in October 2009, Windows 8 in October 2012 (later updated to Windows 8.1), and Windows 10 arrived in July 2015 as the latest OS iteration.
Windows Server OS
Microsoft also plays a prominent role in data centers with its enterprise-class server operating systems to give organizations powerful administrative control of large corporate networks and services. Key features in the Windows Server operating system include Active Directory, which automates the management of user data, security and distributed resources, and enables interoperation with other directories; and Server Manager, which is a utility to administer server roles and make configuration changes, either on local or remote machines.
Early versions of enterprise operating systems included Windows NT 3.1 Advanced Server (released in 1993), Windows NT 3.5 Server (released in 1994), Windows NT 4.0 Server (released in 1996) and Windows 2000 Server (released in 2000). Later versions adopted a 'Windows Server' nomenclature, including Windows Server 2003 (released in 2003), Windows Server 2003 R2 (released in 2005), Windows Server 2008 (released in 2008), Windows Server 2008 R2 (released in 2009), Windows Server 2012 (released in 2012) and Windows Server 2012 R2 (released in 2013). Windows Server 2016 is the latest enterprise OS made generally available in October 2016.
Microsoft Office
Building on the success of its operating systems, Microsoft moved into the development of productivity software.
What Is Microsoft Excel In Computer
Microsoft Office first appeared in 1990. The productivity package features a number of bundled applications and includes the word processor named Word, Excel spreadsheet, Access database, PowerPoint presentation creator, Outlook email client and other tools in the same package. In addition to the desktop applications for Windows and Mac OS operating systems, Microsoft also offers Office Mobile for smartphones.
Internet Explorer
Microsoft capitalized on the growing popularity of the World Wide Web when it released its web browser, Internet Explorer (IE), in Windows 95 Plus in 1995.
In 1998, the U.S. Department of Justice sued Microsoft for antitrust violations. It accused the company of stifling web browser competition when it bundled IE with the Windows operating system. In 2001, a settlement was reached that did not require Microsoft to remove IE from the operating system.
Microsoft deprecated IE in Windows 10 in favor of the Edge browser. While it is no longer the default browser in Windows, IE remains a part of the operating system.
Development platforms
Microsoft launched its .NET framework -- a programming model to help developers build applications for Windows -- and its Visual Studio application development environment in 2002.
The core components of the .NET platform are its Common Language Runtime, which lets nearly any language compile down to an intermediate language, and the Framework Class Library, which provides core functions for any language.
In 2014, Microsoft announced it would turn the .NET Core stack, runtime and framework libraries into an open source project and make the code available through GitHub.
Management applications
Microsoft develops and sells enterprise-class systems management software tools, including System Center, which helps IT administrators deploy, configure, maintain and manage sophisticated corporate data center installations. System Center components and services include:
- System Center Advisor
- System Center App Controller
- System Center Configuration Manager (SCCM)
- System Center Data Protection Manager
- System Center Endpoint Protection
- System Center Essentials
- System Center Operations Manager (SCOM)
- System Center Service Manager
- System Center Virtual Machine Manager
Hardware offerings
Microsoft started its hardware division in 1982 to develop a mouse to use with Microsoft Word.
What Is Microsoft In Computer Science
Since then, the company has ventured deeper into the hardware market, releasing the Xbox gaming console system in 2001 as a direct competitor to established gaming companies, like Sony and Nintendo. In November 2013, Microsoft's released its latest gaming console, Xbox One, which features the ability to recognize voice commands and use Skype via the Kinect camera.
Microsoft offers the Surface family of tablet computers, which bundle tablet hardware with the Windows operating system. The first Surface appeared in 2012 and has been superseded by several subsequent models. The latest versions include the Surface Pro 4 (October 2015), Surface Book (October 2015), Surface Studio (October 2016) and Surface Book with Performance Base (October 2016).
Microsoft's Windows Phone echoes this same strategy, melding smartphones from manufacturers like Nokia with versions of the Windows Phone operating system. Microsoft replaced this operating system with the Windows 10 Mobile operating system, which features the similar tile-based Metro interface and Cortana, a virtual assistant for voice-activated features.
Azure
Microsoft also entered the public cloud market when it introduced the Windows Azure platform in October 2008 and made it available in February 2010 as a competitor to Amazon Web Services (AWS).
The company renamed the offering Microsoft Azure in March 2014. As Microsoft's public cloud computing platform, Azure provides a range of cloud services, including those for compute, analytics, storage, networking, management, machine learning and big data capabilities. Users can pick from these services to develop and scale new applications, or run existing applications, in the public cloud.
Office 365 and SaaS
Microsoft further expanded its line of business with a range of online services to provide software as a service (SaaS) offerings to end users and enterprise customers. Microsoft launched Office 365 in 2011 and the Outlook.com webmail service in July 2012. Services allow persistence, letting users pick up where they left off no matter which device they work from, while eliminating the installation and maintenance issues that plague traditional endpoint installations. However, services carry recurring costs and connectivity requirements that users and businesses must consider.
Notable acquisitions
In May 2011, Microsoft acquired internet Voice over IP and video conferencing provider Skype for $8.5 billion.
Remove Microsoft Login In Computer
In 2013, Microsoft announced a $7.2 billion acquisition of noted mobile phone vendor Nokia to make headway into the mobile market, which had been dominated by Android and Apple devices. But, in 2015, Microsoft said it would lay off about 7,800 employees -- mostly in its Windows smartphone hardware business -- and take a $7.6 billion write-down related to assets from the acquisition.
In 2016, Microsoft announced it would purchase LinkedIn, the business social networking site, for $26.2 billion. The company plans to integrate the LinkedIn platform with several Microsoft services, such as Microsoft Outlook, Dynamics and Office 365.
Leadership
Microsoft has experienced several changes in leadership through the years.
What Is Microsoft Excel In Computer
Bill Gates led Microsoft from its earliest days before handing over the position of CEO to longtime friend and employee Steve Ballmer in January 2000.
Ballmer refocused the company on devices and services, leading to products like Xbox and Office 365.
Ballmer stepped down in February 2014 and was replaced by longtime employee Satya Nadella, who had been executive vice president of Microsoft's cloud and enterprise division. Microsoft's emphasis on services like Azure reflects Nadella's push to get the company to be the prominent player in the 'mobile-first, cloud-first' world.