Azure domain membership and Device Trust

Senior Member

Azure domain membership and Device Trust

Device Trust can check for membership to an AD domain to establish trust or not.  Does this currently include Azure AD membership as well?  Or does this only work with traditional Active Directory membership?



Tags (2)
Box Employee

Re: Azure domain membership and Device Trust

Hi @mtavel,


Thank you for posting in Box's Community Forum!


Please see the Device Trust KB article here.

  • Your question seems to stem off of the section I colored in red below from our Device Trust KB article.

Excerpt from Device trust KB article:

Desktops (Mac and Windows)

Both Mac and Windows:

  • Require certificate to be installed: you can require that all managed users have a specific root certificate installed to establish the ownership of a device.
    • Supported formats: pem, cer, der, crt
    • Checks for the same certificate on each machine  
  • Requires devices to be joined to a domain: you can require that a device be joined to an AD domain


Our Device Trust  domain check identifies if the device is on the designated domain. If Azure AD properly distinguishes the correct domain for the device, there should be no issue. 

  • For example, on a Windows device, Device Trust will essentially check the following location:
    • Control Panel > System and Security > System > Domain
      • If Azure AD makes the correct domain association for the device here, Azure AD should work without issue.
      • We are agnostic to the AD, we simply check if the device is on the correct domain.

If you need more information, please submit a ticket to User Services following this link.




James - Box Support