Recently, I found that I needed to determine whether a computer and a user are part of an Azure AD domain using only PowerShell.
I couldn’t find any documentation on this. However, since Windows knows that I’m part of an Azure AD domain, it must store that information somewhere.
I started searching the registry and I found what I was looking for.
There are two subkeys. One can be used to determine if a machine is joined to the Azure domain; the other can be used to determine if a user is attached to that domain.
Determine if a machine is joined to Azure AD
HKLM:/SYSTEM/CurrentControlSet/Control/CloudDomainJoin/JoinInfo/{Guid}
Underneath each {Guid} subkey, the following values can be found:
– TenantId
– UserEmail
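# If the key does not exist, Get-Item writes an error and $subKey stays $null.
$subKey = Get-Item "HKLM:/SYSTEM/CurrentControlSet/Control/CloudDomainJoin/JoinInfo" -ErrorAction SilentlyContinue
if ($subKey) {
    # Each subkey is named with a GUID.
    $guids = $subKey.GetSubKeyNames()
    foreach ($guid in $guids) {
        $guidSubKey = $subKey.OpenSubKey($guid)
        $tenantId = $guidSubKey.GetValue("TenantId")
        $userEmail = $guidSubKey.GetValue("UserEmail")
    }
}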
Determine if a user is joined to an Azure AD domain
HKCU:/SOFTWARE/Microsoft/Windows NT/CurrentVersion/WorkplaceJoin/AADNGC/{Guid}
Underneath each {Guid} subkey, the following values can be found:
– TenantDomain
– UserId
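# Read the per-user key listed above (HKCU), not the machine key.
$subKey = Get-Item "HKCU:/SOFTWARE/Microsoft/Windows NT/CurrentVersion/WorkplaceJoin/AADNGC" -ErrorAction SilentlyContinue
if ($subKey) {
    # Each subkey is named with a GUID.
    $guids = $subKey.GetSubKeyNames()
    foreach ($guid in $guids) {
        $guidSubKey = $subKey.OpenSubKey($guid)
        $tenantDomain = $guidSubKey.GetValue("TenantDomain")
        $userId = $guidSubKey.GetValue("UserId")
    }
}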
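Both checks combined into one function that treats a missing key as "no join recorded" instead of failing, as an added example that is not the author's code. The function name Get-AzureAdJoinInfo and the output property names are assumptions; the registry paths and value names are the ones given above.

```powershell
# Added example (not the post's code). Function and property names are hypothetical;
# registry paths and value names are the ones listed in the post.
function Get-AzureAdJoinInfo {
    [CmdletBinding()]
    param()

    $sources = @(
        @{
            Scope      = 'Machine'
            Path       = 'HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\JoinInfo'
            TenantName = 'TenantId'
            UserName   = 'UserEmail'
        },
        @{
            Scope      = 'User'
            Path       = 'HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin\AADNGC'
            TenantName = 'TenantDomain'
            UserName   = 'UserId'
        }
    )

    foreach ($source in $sources) {
        # A missing parent key means "no join recorded" for that scope, not an error.
        if (-not (Test-Path -LiteralPath $source.Path)) { continue }

        # One subkey per GUID; emit one uniform record for each.
        foreach ($key in Get-ChildItem -LiteralPath $source.Path -ErrorAction SilentlyContinue) {
            [pscustomobject]@{
                Scope  = $source.Scope
                Guid   = $key.PSChildName
                Tenant = $key.GetValue($source.TenantName)   # $null if the value is absent
                User   = $key.GetValue($source.UserName)
            }
        }
    }
}

# Summarise: one flag per scope plus the raw records for inventory or logging.
$records = @(Get-AzureAdJoinInfo)
[pscustomobject]@{
    MachineJoined = @($records | Where-Object { $_.Scope -eq 'Machine' }).Count -gt 0
    UserJoined    = @($records | Where-Object { $_.Scope -eq 'User' }).Count -gt 0
    Records       = $records
}
```

HKCU is writable by the user and HKLM by any local administrator, so treat the result as an inventory signal rather than as proof of join state.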
Hopefully, this will save someone else the time it took me scouring through the registry to find this information.