Is it true that you need a 2012 R2 functional level for device writeback?
We have 2008 R2 and devices are syncing back but we have the feeling that the kerberos tickets are not properly generated on-prem. On-prem AD is reachable and we are in the network.
Microsoft docs says this: Make sure at least one forest has Windows Server 2012R2
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-feature-device-writeback
I am not sure if there should only be a 2012 R2 server in the forest or that the domain functional level should be 2012 R2.
Hope to hear from you, thanks in advance.
