Forum Discussion
Solved
Change DEP User affinity
Hi all, I've a question about IOS & DEP profiles in Intune. At a customer, we've a lot of iPhones (with DEP) enrolled in our organization. Now we've implement MFA and it's not possible to enroll ...
Dennis Blotenburg This will only have an impact on new enrollments after factory reset for example.
I would suggest creating a new profile and test your configuration on a single device first.
Switching to "Enroll with User Affinity" will not bypass MFA tho.
Check out this blogpost: MFA and other caveats with Intune MDM automatic enrollment methods - Bloggerz.cloud
As mentioned by eglockling you can bypass MFA during Setup Assistant enrollment with Conditional Access by excluding Microsoft Intune Enrollment and Microsoft Intune cloud apps.
In addition if you have Conditional Access policies where you have selected browser in client apps even if it just points to Windows or any other platform and require MFA you have to exclude the two cloud apps here as well. You have to do that because when authenticating in setup assistant you are doing a browser based authentication.
