Not many people are aware that Microsoft Windows 10 since version 1609 have had support for Kerberos authentication and thereby also bridging an important gap between Azure AD Joined and Domain Joined machines. This is an important step in the migration to a more modern environment with hybrid devices and enabling modern workplace scenarios for customers with traditional intrastructure environments.
This will enable corporate users signing into a Azure AD Joined devices on the corporate network to access resource like:
- Existing domain applications
- Network shares
- and much more
Video demostration of the functionality:
Presentation from Everything User Group in Denmark: