Forum Discussion
Guidance on Intune MDM/MAM Setup
Hi DriveSafely,
You mentioned earlier that you are using both MDM and MAM to enroll corporate devices and BYOD. If you want to ensure that a device is enrolled in MDM or MAM, follow these steps:
- Navigate to Entra ID → Manage → Devices → All devices → Add filter → MDM. You should see whether the user is enrolled in MDM or MAM.
- If you want to restrict enrollment by groups – for example, only allowing users with an Intune license based on a dynamic group, or blocking users from enrolling entirely, follow these steps:
- Within Microsoft Entra ID, expand Settings and click on Mobility.
- Within the Mobility portal, click Microsoft Intune, and you should see all settings.
- You can also restrict the number of devices a user can enroll by following these steps:
- Navigate to Intune → Devices → Enrollment → Enrollment device limit restriction, and specify the desired limit.
- Finally, you can create Enrollment Restrictions as shown below.
I hope this resolves the issue. Feel free to reach out to me if you need further assistance.
Hello Ankido
Thanks for your response.
With regards to blocking devices from enrolling, i meant that we do not want everyone to enroll a device unless it is kind of allowed in Intune, say based on IMEI or Serial no.
Based on my experience, there isn't a specific policy or button to block devices that haven't registered a hardware hash or IMEI. However, you can restrict the number of devices and IMEIs per user as I have demonstrated. This approach allows you to have more control over all devices, and if someone needs to enroll additional devices, you can simply create or modify the restrictions.🤗