I’ve been playing with Azure AD recently, and for the most part I’m pretty impressed. It has its perks in many ways, and I’ve found it to be useful for many smaller organizations that want to move away from or even complement their on-premise Active Directory.
I found a very strange issue today, though. I found that I forgot to rename a PC from the standard Windows naming convention, so I decided to rename the PC while it was already joined to Azure AD. My intention was to disjoin this PC from Azure, because I wanted to add it to the on-premise AD. I found that you do NOT rename a PC that is Azure AD joined if you want to remove it in the future. You can’t! When disconnecting from Azure AD, it requires you to have a local admin account. Even after adding multiple local admin accounts, it will continue to tell you that it doesn’t work. I found I had to rename the PC back to the original name it had when it was joined, then I was able to disconnect. Weird, wild stuff!