Azure AD Joined removal

26th January 2023

Why do I want to remove a PC from Azure AD?
A PC can’t be a member of both AzureAD and a local Domain.
AzureAD doesn’t do much currently: a central inventory of PC hardware and storage for HDD encryption keys (still Beta).
To do anything useful, your Co. needs to purchase and connect a Mobile Device Management (MDM) product, either M$ Intune or a 3rd party.

It’s easy to remove a PC from Azure AD Joined status with the command:
dsregcmd /debug /leave
The problems start after this.

BEFORE you make any changes, make sure you have a local administrator account and you test & confirm that you know the password.

The account is stored in Azure, so now the user doesn’t have an account to log on to the PC, but their profile, including all their files, the desktop icons, etc., is still on the PC.

So we need to create a new local user account, or a domain account,
then copy or move all the files from the old profile to the new profile.
This could take some time. Take note if there were Dropbox or OneDrive synced folders.

The user also needs to be logged back into Outlook and Teams.
They should only need to log on once for all of their Microsoft accounts to be reconnected,
BUT any Dropbox and different accounts will need to be logged on again.
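
A read-only pre-flight report to run before the leave command, added here as an example and not part of the original post: it shows the join state, the enabled local administrator accounts, and the profiles (with any OneDrive or Dropbox folders) that will need copying. The folder-name pattern for synced folders is an assumption, and the script does not test the administrator password, which still has to be confirmed by logging on.

```powershell
# Added example: read-only pre-flight report. Run in PowerShell
# BEFORE 'dsregcmd /debug /leave'. It changes nothing on the PC.

# 1. Join state: 'dsregcmd /status' prints lines such as "AzureAdJoined : YES".
$status       = dsregcmd /status
$azureJoined  = [bool]($status | Select-String 'AzureAdJoined\s*:\s*YES')
$domainJoined = [bool]($status | Select-String 'DomainJoined\s*:\s*YES')

# 2. Enabled LOCAL accounts in the built-in Administrators group.
#    The group is found by its well-known SID so this works on any Windows language.
#    Membership is read through the ADSI WinNT provider; local accounts have an
#    ADsPath of the form WinNT://<workgroup>/<computer>/<user>.
$adminGroup = Get-LocalGroup -SID 'S-1-5-32-544'
$localNames = @(([ADSI]"WinNT://./$($adminGroup.Name),group").Invoke('Members')) |
    ForEach-Object { $_.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $_, $null) } |
    Where-Object   { $_ -like "*/$env:COMPUTERNAME/*" } |
    ForEach-Object { ($_ -split '/')[-1] }
$localAdmins = @(Get-LocalUser | Where-Object { $_.Enabled -and $localNames -contains $_.Name })

# 3. Profiles on disk that may need copying later, flagging synced folders.
#    Assumption: synced folders are named OneDrive* or Dropbox* in the profile root.
$profiles = Get-CimInstance Win32_UserProfile | Where-Object { -not $_.Special } |
    ForEach-Object {
        $synced = Get-ChildItem -Path $_.LocalPath -Directory -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -match '^(OneDrive|Dropbox)' }
        [pscustomobject]@{
            ProfilePath   = $_.LocalPath
            SID           = $_.SID
            LastUsed      = $_.LastUseTime
            SyncedFolders = ($synced.Name -join '; ')
        }
    }

"Azure AD joined : $azureJoined"
"Domain joined   : $domainJoined"
"Enabled local administrators: $($localAdmins.Name -join ', ')"
$profiles | Format-Table -AutoSize

# Stop here if leaving Azure AD would lock everyone out of the PC.
if ($azureJoined -and $localAdmins.Count -eq 0) {
    Write-Warning 'No enabled local administrator account found. Create one and test its password before leaving Azure AD.'
}
```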