Code Library

When enterprises begin to adopt the cloud and the work force becomes mobile, managing an estate
that rarely touches the corporate network can become troublesome. There are a variety of other
challenges that occur; for example, how do you give access to organizational resources on a noncorporate device. Whatever the challenge Azure Active Directory (Azure AD) Domain Join is
another feature in Windows Server 2016 that will enhance the overall experience for identify and offer new capabilities for both corporate and personal devices alike.

Here are some of the benefits that come with Azure AD today:
 Availability of modern settings
On any device connected to a Windows domain or joined to an Azure AD Tenant, you now can access with your corporate credentials settings such as the following:
 Roaming or personalization, accessibility settings, and credentials
 Backup and restore
 Access to the Windows Store with your corporate credentials
 Live tiles and notifications

 Access organizational resources
On any device that traditionally can’t be domain joined. Now, you can grant access to corporate
resources.

 Single sign-on (SSO)
Provide SSO capabilities to Microsoft Office 365, internal resources, Software as a Service (SaaS) solutions, and so on.

 Bring Your Own Device (BYOD) equipment
On personal devices where you need to access corporate resources you can now specify a work account from which you can access those resources and be influenced by new technologies like
Conditional Access.

 MDM integration
Provides the ability for the BYOD scenario to become corporate-controlled resources via an autoenroll solution to your Mobile Device Management (MDM) solution like Microsoft Intune.

 Kiosk Mode for multiple users
You can configure a device in kiosk mode so that many users can interact with a single modern app; for example, a sign in application at the reception area of an enterprise.

 Developer experience
Lets your developers build applications that can cater to business and personal uses on a single stack

 Imaging
Give further control to the end users to accept the corporate image or allow corporate policies to be configured during the first-run experience.

Although these are all great features, why should you suddenly begin to adopt Azure AD Join?
Actually, there can be a variety of reasons, depending on what type of organization you are in. For
example, if yours is a startup organization with a large mobile foot print, providing users with the
ability to use their own laptops or personal machines that can connect to Azure AD Join would save
time and effort for the roll-out of a corporate policy. This would even stand true for more mature
organizations in relation to new markets that they want to penetrate and the difficulty they might
have in sending machines from corporate to the remote offices. Another possibility would be around
educational institutions and cloud email solutions such as those offered as a part of Office 365. These
institutions can manage all users in Azure AD and provide access to cloud email and control access to
other resources like Microsoft SharePoint Online.

Source of Information : Microsoft Introduction Windows Server 2016