Forum Discussion
Block Windows 10 Personal Devices GCC-High
I have a customer that is looking to block Windows 10 personal devices within GCC-H. Since this environment still does not have Autopilot available and all their Windows 10 devices are AAD joined, it...
ftrout we had to use Enrollment Restrictions. It's a real headache to manage, but basically we have a security group of users who are allowed to enroll any device (including Windows devices). We block everyone not in that group from enrolling PCs in Intune.
When a user needs to set up a new computer and enroll in Azure AD and Intune via the OOBE, we add them to the group temporarily then remove them again once they complete the OOBE.
It's been a real nightmare to manage and not having Autopilot in GCC-H yet has really been hurting us. I feel like it should be a priority for them but that doesn't appear to be the case. I think that's the one feature from Commercial that's been the hardest to live without since we migrated.
- I feel your pain, it seems like the only option is to think outside the box on this one. Thank you for your reply!
