Enroll Existing Azure AD Joined Machines to Intune
Hello Community,
We have an environment with 1500 devices, consisting of around 1000 devices which are already Azure AD joined and around 500 devices which are Hybrid AAD joined, connected to local AD.
We want to onboard all devices to Endpoint Manager, however we are unable to find a way to bulk enroll devices to Intune. Our requirements are:
- Enroll existing Azure AD joined devices to Intune without user interaction, in bulk or through some automated approach. (We do not want to manually enter creds to enroll, nor do we want to reset AADJ.)
- Enroll local AD joined devices in bulk without renaming the computer name, as the Windows PPKG is forcing a rename of the devices. How can we keep the existing device name while enrolling? (We are aware of the GPO approach but have not tested it yet, hence we are unaware of any cons of using it.)
What we have tried so far and our expectations:
- Created a Windows Provisioning Package but it does nothing on an Existing AADJ Machine except renaming its computer name.
- We do not want to perform the manual "Enroll Only in Device Management" step, but we tested it and it does enroll the device as a personal device and not corporate.
- Provisioning package works well on a non-AADJ machine and enrolls the machine.
- We cannot disconnect AADJ or Reset Devices.
- We do not want our users to have local admin rights. (Optional)
- We would like to have current logged on user mentioned as Primary user in endpoint manager. (Optional)
- Do not want to use Provisioning package on Local Join Machine as it will rename them. (Optional)
- Tested some scripts but no success.
- Deep links do not work.
- Our Machines are not Managed through SCCM but we do have RMM Service in the environment which can deploy Apps and Packages on the devices.
In the end, our motive is to enroll AADJ devices to Intune so we can start managing them; the enrollment process should not be a pain for our users or hamper their workflow. (We can ignore the optional requirements if it's not possible to achieve them.)
Looking forward to some valuable suggestions!
Thank you!
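- What happens when you run this task manually on an Azure AD joined device (to first determine if it works)?
```powershell
# Policy key for automatic MDM enrollment
$registryPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM"
if (-not (Test-Path $registryPath)) { New-Item -Path $registryPath | Out-Null }
$Name = "AutoEnrollMDM"
$Name2 = "UseAADCredentialType"
$value = "1"
# Write both values as DWORDs
New-ItemProperty -Path $registryPath -Name $Name -Value $value -PropertyType DWord -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $Name2 -Value $value -PropertyType DWord -Force | Out-Null
```
- Jannik_Reinhard (Iron Contributor): Did you have a look at this amazing tool from Niall Brady?
https://www.niallbrady.com/2022/05/22/migrate-to-the-cloud-part-1-setup/
- anshulj (Copper Contributor): I do not think we are looking for what's suggested in the article you shared. Thanks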
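As an added example (not part of any post in this thread), the following PowerShell check reports whether a single device meets the preconditions for the registry-based auto-enrollment discussed above: Azure AD joined, an MDM URL published to the device, and both policy values set. The function names are hypothetical and the `dsregcmd /status` lines are a constructed sample; on a real device, pass the live output instead.

```powershell
function Get-DsregField {
    param([string[]]$Text, [string]$Name)
    # dsregcmd prints "   Name : Value"; return the value of the first matching line.
    $pattern = '^\s*' + [regex]::Escape($Name) + '\s*:\s*(.*)$'
    foreach ($line in $Text) {
        if ($line -match $pattern) { return $Matches[1].Trim() }
    }
    return $null
}

function Test-MdmAutoEnrollReadiness {
    param([string[]]$DsregText)
    # Policy key and value names are the ones used in the thread's snippet.
    $path   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM'
    $policy = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue

    $joined = (Get-DsregField -Text $DsregText -Name 'AzureAdJoined') -eq 'YES'
    $mdmUrl = Get-DsregField -Text $DsregText -Name 'MdmUrl'
    $auto   = $policy.AutoEnrollMDM -eq 1
    $cred   = $policy.UseAADCredentialType -eq 1

    [pscustomobject]@{
        AzureAdJoined        = $joined
        MdmUrl               = $mdmUrl
        AutoEnrollMDM        = $auto
        UseAADCredentialType = $cred
        # An empty MdmUrl means the device has no enrollment endpoint to contact,
        # so the policy values alone will not produce an enrollment.
        Ready                = $joined -and [bool]$mdmUrl -and $auto -and $cred
    }
}

# Constructed sample of the relevant `dsregcmd /status` lines.
$sample = @(
    '             AzureAdJoined : YES',
    '                    MdmUrl : https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc'
)
Test-MdmAutoEnrollReadiness -DsregText $sample

# On a device, use the live output:
# Test-MdmAutoEnrollReadiness -DsregText (dsregcmd /status)
```

Because the script only reads state, it can be pushed through an RMM tool to inventory which devices are ready before any change is rolled out.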