Forum Discussion
Intune Enrollment for Remote Users - No VPN - No Local Admin
Trying to find a way to get devices enrolled with Endpoint Manager without the need for local admin or VPN. Does anyone have suggestions on how to get devices enrolled during this time of remote work...
Devices are remote domain joined devices. they do not have VPN are not in the office and are not AAD Joined. Hybrid Join is something we are rolling out but again that requires direct LoS of the Domain Controllers for the SCP.
What i need is a way to get the devices that are remote and not connected to the network enrolled in Intune. This is to be able to push out the SCCM client to them with the CMG configuration. I know there are ways to get the SCCM Agent installed (primarily by directly contacting the users or by having the devices on the network).
The issue we have is that the devices will not have VPN and will not have local admin access. I am trying to find options to get them enrolled without the VPN or Local admin.
What i need is a way to get the devices that are remote and not connected to the network enrolled in Intune. This is to be able to push out the SCCM client to them with the CMG configuration. I know there are ways to get the SCCM Agent installed (primarily by directly contacting the users or by having the devices on the network).
The issue we have is that the devices will not have VPN and will not have local admin access. I am trying to find options to get them enrolled without the VPN or Local admin.
Hi,
-IS there any important data on the devices. IS it okay to reset/wipe the devices
-You are telling you want to enroll the devices into Intune and not in azure ad? You are also talking about Autopilot
So if you only want to enroll them into Intune
https://www.ntweekly.com/2018/12/14/enroll-windows-10-devices-to-intune-without-azure-ad/
-Do the devices have a local admin account that can be used?
I appreciate your reply but as i noted the users do not have local admin. I noted this many times and what i am looking for is a solution that will allow for enrollment of the device without wiping and with minimal impact to the users.
- Hi,
Of course, i have read the users do not have local admin permissions 🙂 , but I didn't read there were no local admin users at all. Do you want them to enrol in Intune only or do you want them also to join Azure Ad and Intune