How to setup and log in Windows 10 to Azure AD

Have you never used Windows 10 with Azure AD?  We break down how to add users to Azure Active Directory, check if the computer is joined to Azure AD, and how to authenticate the new created user to Azure AD. Get your party hat on, this is going to be fun!!!

Quick Resource Links:

Windows Login Problems

Struggling to login into Windows 10?  Do you use an email address to login?  They are multiple way to authenticate to Windows at the Windows logins screen but only one may work or contain your profile data.  Email address, local user account, and domain account are the methods for authentication.   Click the link above to see which method works for you.

Azure Active Directory is the gateway into Intune

Follow this guide to get more context as to why Mobile Device Management is more important now than ever.  Then learn how to join devices to Azure AD and how Intune sometimes is added at the same time.

Don’t understand Microsoft 365 Licensing?

Are you the point of contact for the IT administrator of your Office 365 Email Server or Active Directory?  Get acquainted with the subscription licensing structure.  PS – Office 365 in most cases will be rebranded as Microsoft 365 after April 2020.

Best practice setup of network environment

Do I use modern IT (Azure AD) , traditional IT (LDAP domain controller), or a mixture of both?

What is Azure AD?

You may already have it and don’t know if your email is hosted by Microsoft Office 365.  It’s a free subscription when you have Office 365 email by Microsoft or any Microsoft 365 subscribed service.  At the heart of Azure AD, it is nothing more than an identification management service. The identity service provides single sign using OAUTH2 or SAML authentication. A free Azure Active Directory subscription comes default with Office 365 or now known as one many suite of options in the Microsoft 365 line of products.  The free version does not include the Sign-ins activity report. To record sign-in activity (which can be useful in the event of a data breach), you need an Azure Active Directory Premium subscription.

Device Registration Options

We illustrate some options for registering to Windows 10 Azure AD and some other devices who like to join Azure AD or perform a device registration.  Device registration come in handy when the employee owns their own device.   A good example of this is when they want to use their iPhone with Outlook Mobile app for accessing their corporate email.

ProTip! Ensure device auto enrollment is turned on when using a Business Premium license.  Autoenrollment allows devices that join to Azure AD to automatically be enrolled in Intune and have policies.  The Microsoft 365 Business Premium license features Intune.

Windows 10 Azure AD















User authentication? We already have that…

No dude…  Read up on component scenarios.  You may have…

  • Traditional AD.
  • Active Directory Server, in Azure or On-Premises (Traditional AD, extend to cloud *** No ADDS)
  • Azure AD
  • Azure AD Domain Services (AADDS)
  • MaaS 360?  Idunno, there’s different way of authenticating to a central server location.

Are you not hosted by Microsoft 365 Business?

Defer to the Microsoft 365 Licensing to see what is the best subscription for your team.  For most small businesses that should have security at the top of mind, it is Microsoft 365 Business Premium.

Great! The user is already created on Microsoft 365 Business.  What now?

  • Join a Device
    • Make sure the Windows 10 computer is registered with your Azure environment if you are not using logging into Windows 10 via a “local account” or “domain account” and want to take advantage of  Windows 10 Azure AD features.
  • Manage a Device
    • Read up on how to view your devices from Azure.
  • “Registering” or “Joining”  Azure
    • More fun literature I don’t care to explain.

Any user with an email address setup through the Microsoft Admin Center can authenticate to any Windows 10 computer on the network.  The authentication works as follows:

  • Click “Other user”
  • Type work email address and password
  • Correct sign in options if you are not able to login

Warning: Users will not able to authenticate to the Windows 10 computer if the computer is not joined to Azure AD













I don’t want to login with my email address.  Windows 10 load a completely different profile than what I am use to.   I want use my Windows local account.

At the Windows login, use…




We have traditional IT network with an Active Directory domain controller (DC) on-site.  How do I authenticate then?

At the Windows login, use…


How do I know if my computer is joined to Azure AD at the login prompt?

Can you use an email address at login?  There are several methods of authenticating or troubleshooting whether your users are a part of or joined to Azure AD.  The easiest is simply selecting “other user” for verifying if you can authenticate with their email address at the Windows 10 login Screen.  Confirm you are truly using Windows 10 Azure AD features once you are logged in with an an email address by viewing and troubleshooting with the illustrations below.

Can a user be logged into Windows 10 without authenticating to Azure AD?

Yes, some user accounts could have created a local account during the new computer setup.  NetworkAntics recommends creating our personalized “localadmin” administrator account and not the employees user name during the initial new computer setup.  Windows 10 Azure AD c


How do I confirm I’m joined to Azure AD if one of employees is already logged in to the computer?


  • open elevated cmd on machine and run below command to check the status
    “dsregcmd /status”



  • Alternatively, go to start menu type “Settings” and open it.  Find accounts and  you should see under “Access work or school” the admin account authenticating to Azure AD.

Windows 10 Azure AD









The Admin account for Azure AD is also listed under “other people”  Otherwise, you need to join Azure AD if you do not see any of these illustrations connected to Azure AD.

Windows 10 Azure AD











I have Azure AD and the user account email address is authenticated or logged on to the Windows 10 desktop.  What now?


Front Desk Applications:
Scanning Software
Foxit Reader


Document As You Go

  • Keepass User and Email
  • Info Sheet




A Brief Nerding Out Session.  (most people can skip ahead) Azure AD Resources:


Azure AD is *not* a domain.   Azure AD is fundamentally different than a domain environment.

Azure AD accounts use the naming format.  But it should not be mistaken as an email address.  A user *may* have the same email, but it isn’t necessary.  If you create an Azure AD tenant, and create an Azure AD user in the portal, that account can be used to log into a windows 10 that is joined to the same Azure AD tenant using the account format even if no email is associated with that account.

With that said, no there are no other formats (such as the old-school NetBIOS\username format of old) that works.  In Azure AD, it will always be user@tenant.tld

Additional Microsoft Resources:

Joining to network

Azure Ad joined vs Azure AD Registered

**Azure support team**

Windows 10 Azure AD

Windows 10 Azure AD Summary


There you go!   You have Azure AD IT administrator experience.  This is a nice foundation piece for you to add on to more IT related administrator stuff later.


Azure AD:

Hosted O365 Resources:

Exchange or Mail Locally Hosted On-Site Resources:

Hosted or Local Hosted Links:


Leave a Reply

Your email address will not be published. Required fields are marked *