Windows 10 and some mobile devices (iOS or Android) can join Entra ID. When a user enters a username of <uwnetid>@uw.edu in the Entra ID device join experience or via Entra ID registration, if allowed, that device will end up in the UW’s primary Entra ID tenant.
Current state and Guidance
As of August 2020, the UW has enabled Entra ID device join for all users eligible for the Microsoft 365 A3 licenses. Hybrid join has been enabled since 6/25/2020.
The UW has allowed any device to be Entra ID registered since that capability was available.
|Entra ID device registration|
|Entra ID device join|
|Entra ID hybrid join|
Entra ID device registration is generally encouraged. Many applications like OneDrive for Business Sync require it, and many users don’t even realize they are dependent on this functionality.
Entra ID device join is generally discouraged. It is possible, but leaves the device in a state which makes it less than ideal. There are no general management capabilities provided via Intune at the UW at this time, and your local IT support can’t easily manage a device in this state.
Entra ID hybrid join is generally encouraged. There are two recommended paths to this state: per-device provisioning via Autopilot registration or by being an eligible computer in the NETID Active Directory.
Users who have chosen to do an Entra ID device join are advised that UW Administrative Policy Statement (APS) 55.1 “Mobile Device Use and Allowance Policy” does apply. You may be legally required to provide the UW unrestricted access to the device, and the UW reserves the right to remotely wipe the device or block your ability to read UW data present on the device. If you wish to disconnect your device from Entra ID , see https://myworkaccount.microsoft.com/device-list.
The UW has no plans at this time to perform device wipes (partial or otherwise).
Entra ID Device Details
There are 3 different associated states a device might be in with respect to Entra ID :
You can review and manage your Entra ID devices via https://myworkaccount.microsoft.com/device-list or https://account.activedirectory.windowsazure.com/r/#/profile, under “Devices & activity”.
You should only disable an Entra ID device if you have lost the device or the device is no longer in use. If you disable an Entra ID device, you will be unable to perform any Entra ID authentications from that device. You will not be able to re-enable it without UW-IT assistance. There is a high impact to the end user of a mistakenly disabling an Entra ID device.
Office products (including Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office ProPlus) on Windows require the device to be registered with the Entra ID of the user account in order to allow sign in with that user account. No device registration with the Entra ID = no sign in to Office for that Entra ID user from that device. Disabled device registration also mean no sign in. When you disable your device, you then can’t sign in from that device until you can get one of a small handful of people at the UW to re-enable that device for you.