Forum Discussion
WVD - Intune Auto enrolment for AAD only organisation
Hi All, been going round in circles... since we are completely Azure AD organisation, been told that we cannot do Intune Auto-enrolment for our WVD devices? Been pointed to articles that devices need to be hybrid AAD joined and since we don't have on-prem AD its not possible.
Any thoughts on how we can achieve Intune Auto-enrolment pls?
- You should be able to use Group Policy to do it:
https://www.anoopcnair.com/windows-10-intune-enrollment-using-group-policy-automatic-enrollment-wvd/
Assuming you are running Azure Active Directory Domain Services, you can still configure GPO etc on it, you just need a 'utility box' to be joined to the same network, domain as the ADDS domain as WVD and you can create the GPOs and deploy it to the WVD (sorry Azure Virtual Desktop) boxes.- Thanks Luke for a quick response. Do you have any blogs or articles on configuring GPO on ADDS pls?
- Here the Microsoft article: https://docs.microsoft.com/en-us/azure/active-directory-domain-services/manage-group-policy
Essentially you need:
* A Windows Server management VM that is joined to the Azure AD DS managed domain, in the same network as ADDS.
* Group Policy/AD Management tools installed and you can use that to create/modify the policies etc.
An added note, is that the utility box can be shutdown when not needed to save on cost.
- It looks like this was fixed recently. Not sure what I did exactly, but after completing the AzureAD's Mobility MDM setup and Intune's Auto Enrollment setup then all of a suddent new WVD creation had an option to enroll into Intune. First two WVDs that were created did not enroll and I could not enroll via Company Portal or Auto Enrollment, but after the two mentioned setups the 3rd had the option and shows in Intune. Hope that helps.
