Azure ad join the device, What happens when you domain join your surface hub – Microsoft Surface Hub 2 SmCamera User Manual
Page 250
Surface Hubs use domain join to:
Grant admin rights to members of a specified security group in AD.
Backup the device's BitLocker recovery key by storing it under the computer object
in AD. See
Synchronize the system clock with the domain controller for encrypted
communication
Surface Hub does not support applying Group Policy or certificates from the domain
controller.
You can Azure Active Directory (Azure AD) to join the Surface Hub to allow IT pros from
your Azure AD tenant to configure settings. During first run, choose to use
. You will need to provide credentials that are capable of joining
the Azure AD tenant of your choice. After you successfully Azure AD join, the
appropriate people will be granted admin rights on the device.
By default, all
global administrators
will be given admin rights on an Azure AD joined
Surface Hub. With
Azure AD Premium
or
Enterprise Mobility Suite (EMS)
, you can add
additional administrators:
1.
, click
Active Directory
, and then click the name of
your organization's directory.
2. On the
Configure
page, under
Devices
>
Additional administrators on Azure AD
joined devices
, click
Selected
.
3. Click
Add
, and select the users you want to add as administrators on your Surface
Hub and other Azure AD joined devices.
4. When you have finished, click the checkmark button to save your change.
What happens when you domain join your Surface Hub?
7
Note
If your Surface Hub loses trust with the domain (for example, if you remove the
Surface Hub from the domain after it is domain joined), you won't be able to
authenticate into the device and open up Settings. If you decide to remove the
trust relationship of the Surface Hub with your domain,
Azure AD join the device
What happens when you Azure AD join your Surface Hub?