Forum Discussion
Change DEP User affinity
- Sep 29, 2020
Dennis Blotenburg This will only have an impact on new enrollments after factory reset for example.
I would suggest creating a new profile and test your configuration on a single device first.
Switching to "Enroll with User Affinity" will not bypass MFA tho.
Check out this blogpost: MFA and other caveats with Intune MDM automatic enrollment methods - Bloggerz.cloud
If you have MFA enforced for your tenant, use the following settings for the enrollment profile:
User Affinity: Enroll with User Affinity
Select where users must authenticate: Company Portal
You can have the end-user manually install Company Portal, or you can setup VPP and include it in the enrollment profile as well.
There are ways to bypass the enforced MFA using Conditional Access so that you can use Setup Assistant, but it may be different for every organization. HINT: Authentication using Setup Assistant does not reach the Microsoft Intune and Microsoft Intune Enrollment cloud apps first.