Forum Discussion
Windows 365 Hybrid AAD Join Health Check PC?
Hello,
We have recently deployed W365 Enterprise in our environment. Upon provisioning our first PC using Hybrid AAD Join we have noticied an additional computer object labelled "CPC-Hth*". Is this something required for the health checks of the service?
Cannot find informaiton on the MS Docs regarding what this object is used for.
Some one has posed the question on the Github repo for the docs but yet to receive an anwer from MS.
No mention of health check devices · Issue #2714 · MicrosoftDocs/memdocs (github.com)
Anybody got any ideas?
Cheers,
Ian
2 Replies
- Yes, this is a normal behavior;
When a Cloud PC is provisioned, it’s automatically joined to the provided domain. To test the domain join process, a domain computer object is created in the defined Organizational Unit (OU) with a name similar to "CPC-Hth" every time Windows 365 health checks are run.
https://learn.microsoft.com/en-us/windows-365/enterprise/troubleshoot-azure-network-connection#active-directory-domain-joinThanks, I knew I saw this info somewhere but why I'm looking this up again is because all these disabled devices keep requesting and getting issued computer certs from my PKI, and I have been pulling my hair out over this. I guess I just need to deny them, but that will just move the problem from 100's of issued certs to 100's of failed requests. If anyone has any ideas on how to really solve for this, I would appreciate it :)
