For this test, we will already assume that you already know how to assign tokens to the user accounts in the Virtual Domain. You can use exactly the same authentication methods and tokens as you would for your domain users.
To ensure the non-domain joined machine receives the offline policies and automatically downloads the offline tokens, each account must be logged in to at least once whilst the machine is connected to the network. If the machine is not in the same building you should still be able to logon as the local administrator and set up a VPN connection.
Online Testing (Local Standard account)
Online Testing (Local Admin account - no MFA required)
Once each account has been logged on at least once whilst the machine was connected to the network, you should now be able to remove the machine from the network, so it is truly stand-alone and can be used offsite.
Offline Testing (Local Standard account)
Offline Testing (Local Admin account - no MFA required)
