Hybrid Azure AD Joined Devices Health Checker

Posted on by

Coming from the fact that it does not mean that the hybrid device is in health state just by checking the output of “dsregcmd /status” command from the device itself. Also, it does not mean that the hybrid device is in health state by checking only the device in Azure AD devices blade.

To make sure that the hybrid device is in health state, we need to check both the device itself and the device in Azure AD.
When checking the device, we need to verify set of settings like if the device joined to the local AD and Azure AD…etc. Also, when checking the device in Azure AD, we need to verify set of settings like if the device is exist, is enabled and not in ending state…etc.

Verifying the hybrid device settings from the device itself and on Azure AD manually is not an easy process, specially when checking a huge umber of devices. Here the advantage of using Hybrid Devices Health Checker PowerShell script comes into picture to make it very easy to automate verifying the needed settings of behalf of you by performing various tests on the selected devices and shows the result on the Shell screen, grid view, generates HTML report, and provides some recommended actions to fix the non-healthy devices.

Why is this script useful?
– To check the hybrid status of specific device.
– To check the hybrid status of a set of devices from TXT/CSV/XLS file.
– To check the hybrid status of devices that are located in specific OU/Container.
– To check the hybrid status of all devices in entire domain.
– To automate a schedule task that checks the hybrid status of a set of devices.
– To trace the changes (connection and disconnection) on hybrid devices.
– To generate a friendly HTML report with the hybrid status.
– To show the result on Grid View, so you can easily search in the result.

What does this script do?
1. Checks the join status to the local AD.
2. Checks the connection status to Azure AD.
3. Checks the device certificate configuration.
4. Checks the device existence in Azure AD.
5. Checks the device status in Azure AD.
6. Checks if the device is enabled in Azure AD.
7. Checks if the device is in pending state in Azure AD.
8. Shows the health status of each device in various ways.
9. Provides recommendations to fix unhealthy devices.

Also, the PowerShell script:
1. Checks if ‘MSOnline’ module is installed. If not, it installs and imports it.
2. Checks if ‘ActiveDirectory’ module is installed (when selecting OU parameter). If not, it installs and imports it.

You can always download the updated version directly from the link: https://gallery.technet.microsoft.com/Hybrid-Azure-AD-Joined-0ea7e778

User experience:
– Checking specific device:
hybrid

– Checking set of devices:test

– The output report:HTMLReport