Hybrid join will break ☠️ at the end of May 2025


Introduction

Yes, you've read the title right. Microsoft has announced that by the end of MAY 2025 they will radically change the way devices are hybrid joined. As a result, no new enrollments will be possible with the existing Intune connector after MAY 2025.

Overview

You can find the famous connector under Devices -> Enrollment -> Intune Connector for Active Directory. The way it has been set up so far, you should have 1 connector there handling your hybrid join, in conjunction with a Configuration profile that joins the Windows devices on-prem.

Well.. all of that is about to change, as Microsoft is radically "changing" the connector under the pretext of "better security". Actually, not just under the pretext.. they really are making it more secure by giving it exactly the level of permissions it needs, but this in turn will give you a headache.

If you are joining devices to multiple on-prem domains / subdomains, you will now be required to set up a server for each domain / subdomain you are joining devices to. That will increase your server costs. I guess big organizations with multiple sites and locations are at risk of being greatly affected by this.

Also, for each new connector you deploy, you'll have to go into the config file once it is installed and manually configure the OUs that are in scope.

If you only have 1 domain, you still need to download, install and configure the new connector by the end of MAY 2025.

Conclusion

If you don't want to wake up in June with a batch of new devices to prepare that suddenly can't be enrolled/joined, then you'd better plan in advance!

There's a blog from MS covering some more details about the change: https://techcommunity.microsoft.com/blog/intunecustomersuccess/microsoft-intune-connector-for-active-directory-security-update/4386898

Personal thought: MS is trying to push hybrid orgs to move faster to the cloud by making it cumbersome to stay in hybrid. But I might be wrong, who knows..
