Forum Discussion
Intune Automatic Enrollment settings
On Intune Automatic Enrollment settings page have some URL, in what situation this URL need to modify? or just leave them default value?
Hey TAMSHUI,
the MDM user scope is for Windows 10 Automatic Enrollment. So, if a device is doing OOBE (initial install) and for example Azure AD Join (AADJ) or Hybrid Join, it will normally not join your MDM, the first MDM user scope will tell the system to automatically enroll into MDM. In the default setting, the URLs already set, it will use the Intune URLs for the MDM enrollment. If you want another MDM system to take care of of this, like Airwatch, you have to put the Airwatch URL in there.
The MAM user scope is for Windows Information Protection (WIP). This is Mobile Application Management for Windows 10. You can read more about it here: Protect your enterprise data using Windows Information Protection (WIP) (Windows 10) - Microsoft 365 Security | Microsoft Docs
If you want Intune managed Windows 10 devices you typically need the MDM user scope not the MAM user scope.
best,
Oliver
3 Replies
Hey TAMSHUI,
the MDM user scope is for Windows 10 Automatic Enrollment. So, if a device is doing OOBE (initial install) and for example Azure AD Join (AADJ) or Hybrid Join, it will normally not join your MDM, the first MDM user scope will tell the system to automatically enroll into MDM. In the default setting, the URLs already set, it will use the Intune URLs for the MDM enrollment. If you want another MDM system to take care of of this, like Airwatch, you have to put the Airwatch URL in there.
The MAM user scope is for Windows Information Protection (WIP). This is Mobile Application Management for Windows 10. You can read more about it here: Protect your enterprise data using Windows Information Protection (WIP) (Windows 10) - Microsoft 365 Security | Microsoft Docs
If you want Intune managed Windows 10 devices you typically need the MDM user scope not the MAM user scope.
best,
Oliver
- thanks Oliver. means if I select MDM/MAM user scope to some or all, the auto-enroll will be enable. And about MAM/MDM URL, if we prefer to use Intune as my MDM/MAM solution, just leave those URL default. But if we want to use third-party MDM/MAM solution third-party will provide we a new URL to replace those default URL. is correct?
Yes TAMSHUI that's correct. Here also the official docs: Set up enrollment for Windows devices by using Microsoft Intune | Microsoft Docs
