Table of Contents
Export the Hybrid AD Joined devices using Microsoft Entra portal
1. The first way, you can download the device list from the Microsoft Entra portal (formerly is Azure Active Directory portal).
2. Navigate to the following section Azure Active Directory | Devices | All devices.
3. Click Download devices link.
4. Once the download link is generated, you can download it to your computer with csv file format.
The file includes all type of devices, so you can filter it to get the list of Hybrid AD Joined devices only.
Export the Hybrid AD Joined devices using PowerShell
There’re two ways to achieve that goal. We can use the Microsoft Graph or Microsoft Azure AD PowerShell modules. Before you begin, let’s following the following post to install required module:
Using the Azure AD PowerShell (MSOL) module
1. Right click on the Windows start icon then open a PowerShell (or Terminal in Windows 11) window then run the command below to connect to Azure Active Directory.
Connect-MsolService2. Once connected, you can run the following codes to get the list of all devices in your Azure AD tenant. The code will show all devices including Azure AD joined, Hybrid AD joined, and Azure AD Registered.
$Obj = "DisplayName","DeviceOsVersion","DeviceTrustType","LastDirSyncTime","Enabled"
$Report = Get-MsolDevice -All | Select-Object $Obj
$Report | Format-Table
#Uncomment the below line to export the result to CSV
#$Report | Export-Csv C:\Temp\report.csv In the output, you can determine:
- Domain Joined = Hybrid AD Joined
- Azure AD Joined
- Workplace Joined = Azure AD Registered.
#Output
DisplayName DeviceOsVersion DeviceTrustType LastDirSyncTime Enabled
----------- --------------- --------------- --------------- -------
DESKTOP-51ABT50 10.0.19045.2006 Domain Joined 2/17/2023 11:37:01 AM True
DESKTOP-8B4TN6U 10.0.19045.2604 Azure AD Joined True
DESKTOP-EBL2UQ1 10.0.22621.1265 Workplace Joined TrueAlternatively, you can filter the output to get the report of each device type as well.
#Export the Hybrid AD Joined devices only
$Obj = "DisplayName","DeviceOsVersion","DeviceTrustType","LastDirSyncTime","Enabled"
$Report = Get-MsolDevice -All | where {($_.DeviceTrustType -eq 'Domain Joined')} | Select-Object $Obj
$Report | Format-Table
#Export the Azure AD Joined devices only
$Obj = "DisplayName","DeviceOsVersion","DeviceTrustType","LastDirSyncTime","Enabled"
$Report = Get-MsolDevice -All | where {($_.DeviceTrustType -eq 'Azure AD Joined')} | Select-Object $Obj
$Report | Format-Table
#Export the Azure AD Registed devices only
$Obj = "DisplayName","DeviceOsVersion","DeviceTrustType","LastDirSyncTime","Enabled"
$Report = Get-MsolDevice -All | where {($_.DeviceTrustType -eq 'Workplace Joined')} | Select-Object $Obj
$Report | Format-TableUsing the Microsoft Graph PowerShell
The Microsoft Graph PowerShell SDK acts as an API wrapper for the Microsoft Graph APIs, exposing the entire API set for use in PowerShell. It will help administer every Azure AD feature that has an API in Microsoft Graph.
1. Open PowerShell the run the following command to connect to Microsoft Graph API with the required scope.
Connect-MgGraph -Scopes Device.Read.All2. Once connected, you can run the following codes to get the list of all devices in your Azure AD tenant. The code will show all devices including Azure AD joined, Hybrid AD joined, and Azure AD Registered.
$Obj = "DisplayName","OperatingSystem","OperatingSystemVersion","TrustType"
$Report = Get-MgDevice -All | Select-Object $Obj
$Report | Format-Table
#Uncomment the below line to export the result to CSV
#$Report | Export-Csv C:\Temp\report.csv In the output, you can determine:
- ServerAD = Hybrid AD Joined
- AzureAd = Azure AD Joined
- Workplace = Azure AD Registered.
#Output
DisplayName OperatingSystem OperatingSystemVersion TrustType
----------- --------------- ---------------------- ---------
DESKTOP-51ABT50 Windows 10.0.19045.2006 ServerAd
DESKTOP-8B4TN6U Windows 10.0.19045.2604 AzureAd
DESKTOP-EBL2UQ1 Windows 10.0.22621.1265 WorkplaceAlternatively, you can filter the output to get the report of each device type as well.
#Export the Hybrid AD Joined devices only
$Obj = "DisplayName","OperatingSystem","OperatingSystemVersion","TrustType"
$Report = Get-MgDevice -All | where {($_.TrustType -eq 'ServerAd')} | Select-Object $Obj
$Report | Format-Table
#Export the Azure AD Joined devices only
$Obj = "DisplayName","OperatingSystem","OperatingSystemVersion","TrustType"
$Report = Get-MgDevice -All | where {($_.TrustType -eq 'AzureAd')} | Select-Object $Obj
$Report | Format-Table
#Export the Azure AD Registed devices only
$Obj = "DisplayName","OperatingSystem","OperatingSystemVersion","TrustType"
$Report = Get-MgDevice -All | where {($_.TrustType -eq 'Workplace')} | Select-Object $Obj
$Report | Format-Table
