Forum Discussion
Allow user to AAD Join & InTune Enroll company devices only , not personal owned Win Pro/Ent device
I am trying to work out the best way of achieving the following restrictions: Allow Staff user accounts to be able to AAD Join and InTune AutoEnroll company owned devices Block Staff from AAD J...
PhilRiceUoS Are you using conditional access policies? The only thing I can think of outside of what you mentioned is to take a crack at setting up some conditional access policies that would incorporate the conditions you are trying to reach.
caseykraus after looking at CA for this I don't think it is possible to achieve. Conditional access policies I actually find quite limited TBH and hopefully they will increase the features they offer a lot more in the future.
