Forum Discussion
sidhinsasi
Mar 21, 2023 Copper Contributor
Best way to join AzureAD devices to Intune
Any suggestions on the best way to join AzureAD devices to Intune? Users do not have admin access and are synced from on-premises to AAD. I need to have zero user interaction as I am using RMM tool t...
- Mar 21, 2023
Almost as if it is looking for the proper version... 32/64... that's odd. Changing the path to sysnative instead isn't working also? Also... Tanium 🙂 we can always blame mister Niehaus... right 😉
sidhinsasi
Mar 23, 2023 Copper Contributor
Thanks Rudy. I was able to get it working after tweaking the deploy method in Tanium 🙂
Mar 23, 2023
Nice to hear! Could you explain what you did change? For people experiencing the same issue
- sidhinsasi Mar 23, 2023 Copper Contributor
First ran the Option 3 (PowerShell) in your solution
$registryPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM"
# Create the policy key (and any missing parent keys) only if it does not exist yet
if (-not (Test-Path $registryPath)) { New-Item -Path $registryPath -Force | Out-Null }
$Name = "AutoEnrollMDM"
$Name2 = "UseAADCredentialType"
$value = "1"
New-ItemProperty -Path $registryPath -Name $Name -Value $value -PropertyType DWORD -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $Name2 -Value $value -PropertyType DWORD -Force | Out-Null
Then ran the earlier script
# Find the tenant ID subkey under TenantInfo and build its full path
$key = 'SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo\*'
$keyinfo = Get-Item "HKLM:\$key"
$url = $keyinfo.name
$url = $url.Split("\")[-1]
$path = "HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo\$url"
# Write the MDM enrollment, terms-of-use and compliance URLs for that tenant
New-ItemProperty -LiteralPath $path -Name 'MdmEnrollmentUrl' -Value 'https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc' -PropertyType String -Force -ea SilentlyContinue;
New-ItemProperty -LiteralPath $path -Name 'MdmTermsOfUseUrl' -Value 'https://portal.manage.microsoft.com/TermsofUse.aspx' -PropertyType String -Force -ea SilentlyContinue;
New-ItemProperty -LiteralPath $path -Name 'MdmComplianceUrl' -Value 'https://portal.manage.microsoft.com/?portalAction=Compliance' -PropertyType String -Force -ea SilentlyContinue;
Finally
C:\Windows\system32\deviceenroller.exe /c /AutoEnrollMDM
And it was very quick I should say
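A read-only check of the values the scripts above write, added here as an example and not posted by anyone in the thread. It assumes an elevated session on the device itself; the `HKLM:\SOFTWARE\Microsoft\Enrollments` key and the `MS DM Server` provider ID are not from the thread, and `Add-Finding` is a helper name made up for this example.

```powershell
# Added example: audits the registry values set by the scripts in the post above.
$policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM'
$tenantRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo'

# Expected values, copied from the scripts in the post above.
$expectedPolicy = @{ AutoEnrollMDM = 1; UseAADCredentialType = 1 }
$expectedUrls = @{
    MdmEnrollmentUrl = 'https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc'
    MdmTermsOfUseUrl = 'https://portal.manage.microsoft.com/TermsofUse.aspx'
    MdmComplianceUrl = 'https://portal.manage.microsoft.com/?portalAction=Compliance'
}

$findings = [System.Collections.Generic.List[object]]::new()
function Add-Finding($Check, $Ok, $Detail) {   # hypothetical helper
    $findings.Add([pscustomobject]@{ Check = $Check; Ok = [bool]$Ok; Detail = $Detail })
}

# 1. Auto-enrollment policy values.
$policy = Get-ItemProperty -Path $policyPath -ErrorAction SilentlyContinue
foreach ($name in $expectedPolicy.Keys) {
    $actual = if ($policy) { $policy.$name } else { $null }
    Add-Finding "Policy\$name" ($actual -eq $expectedPolicy[$name]) "value: $actual"
}

# 2. Exactly one tenant subkey, and its MDM URLs match the expected Microsoft
#    endpoints (a different host here would send enrollment somewhere else).
$tenants = @(Get-ChildItem -Path $tenantRoot -ErrorAction SilentlyContinue)
Add-Finding 'TenantInfo subkeys' ($tenants.Count -eq 1) "found: $($tenants.Count)"
foreach ($t in $tenants) {
    $props = Get-ItemProperty -LiteralPath $t.PSPath
    foreach ($name in $expectedUrls.Keys) {
        $actual = $props.$name
        Add-Finding "$($t.PSChildName)\$name" ($actual -eq $expectedUrls[$name]) "value: $actual"
    }
}

# 3. Whether an MDM enrollment record exists (assumption: key and ProviderID
#    are not from the thread).
$enrolled = @(Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\Enrollments' -ErrorAction SilentlyContinue |
    Get-ItemProperty | Where-Object { $_.ProviderID -eq 'MS DM Server' })
Add-Finding 'MDM enrollment record' ($enrolled.Count -gt 0) "records: $($enrolled.Count)"

$findings | Format-Table -AutoSize
# Non-zero exit code lets an RMM tool flag devices that fail any check.
if ($findings.Ok -contains $false) { exit 1 }
```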
- oryxway Jul 19, 2024 Iron Contributor
Should this be run from the device that is not Intune joined and the device that we are trying to join to Intune which is in AAD?
- Jul 20, 2024
That code needs to be run on the device itself, just like I am mentioning here
https://call4cloud.nl/2020/05/intune-auto-mdm-enrollment-for-devices-already-azure-ad-joined/
- oryxway Jul 19, 2024 Iron Contributor
Hi,
I am confused, I have similar issues. Some of the devices are showing up in Entra and they are not Intune joined. When I search in Intune they are not showing up. How can I join these AAD joined devices to Intune?