clients autoenroll without user input

Question

Hallo,all our clients are joined to an active directory. Is there a way to enroll Intune MDM on this devices without user input?To connect our AD into Azure AD we use ad connect. &nbsp;Thanks for your helpStefan

jenstf · Answer

Is the clients hybrid Azure AD joined?If so, do a local GPO:Navigate to Computer Policy &gt; Administrative Templates &gt; Windows Components &gt; MDMEnable the MDM Autoenrollment PolicyJT&nbsp;

stefanki · Answer

jenstfThanks for your good answer&nbsp;How I can bring the clients to Azure AD joined?I do not want do disconnect the clients form the internal AD Domin.&nbsp;Edit: Is this the right way https://docs.microsoft.com/de-de/azure/active-directory/devices/hybrid-azuread-join-managed-domains ?

jenstf · Answer

Yes, that article is a good starting point and with Hybrid AAD enabled you are on your way to get rid of the stuff on the ground and move to the sky :D

adam weldon-ming · Answer

StefanKi&nbsp;&nbsp;Hey,&nbsp;You need to do 3 things at a high level.Configure Azure AD Connect for Azure AD Hybrid Join using the Azure AD Connect wizardEnable “Register domain-joined computers as devices” via Group Policy under&nbsp;Computer Configuration &gt; Policies &gt; Administrative Templates &gt; Windows Components &gt; Device Registration.&nbsp;Set a GPO to enrol on-prem devices (Windows 10) into Intune MDMCreate a (GPO) and enable theComputer Configuration &gt; Policies &gt; Administrative Templates &gt; Windows Components &gt; MDM &gt; Enable automatic MDM enrollment using default Azure AD credentials&nbsp;Here is a good starting block for point 1 and 2:https://www.adamfowlerit.com/2018/08/azure-ad-hybrid-joined-devices-overview/&nbsp;Point 3https://docs.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy&nbsp;

Forum Discussion

clients autoenroll without user input

4 Replies

Resources