Forum Discussion
Intune Enrollment via GPO User eXperience
- Verify that the user who is going to enroll the device has a valid Intune license.
- Make sure that your auto-enrollment (MDM user scope to "All") settings are configured under Microsoft Intune instead of Microsoft Intune Enrollment.
- Verify that the Enable Automatic MDM enrollment using default Azure AD credentials group policy (Computer Configuration > Policies > Administrative Templates > Windows Components > MDM) is properly deployed to all devices which should be enrolled into Intune.
- Verify that Microsoft Intune should allow enrollment of Windows devices (Device enrollment restrictions in Endpoint Manager portal)
I recently had another instance where the AzureAdPrt was NO, an MS support agent gave me the following steps:
1) whoami /upn Run the command in commad prompt UPN should be same in cloud .
2) Add the URL in IE
· https://protect-eu.mimecast.com/s/7cNrC3yo2FVq0ytqUWXJ?domain=nam06.safelinks.protection.outlook.com
· https://protect-eu.mimecast.com/s/rta3C5Rq9tOE4Xu2Qph_?domain=nam06.safelinks.protection.outlook.com
· https://protect-eu.mimecast.com/s/NYinC7pvLU9lo8uRKqKj?domain=nam06.safelinks.protection.outlook.com
· https://protect-eu.mimecast.com/s/8FAAC9DxQiPQ9lsZZskZ?domain=nam06.safelinks.protection.outlook.com
3) Open task scheduler(AS admin )> Microsoft>Windows> Work place join>right click on “Auto work place join” and make sure it is in “running” state.
4) Then re-start machine and run dsregcmd /status , check for Azure prt status.
5) dsregcmd /debug /leave in admin mode.
6) Once machine up run dsregcmd /debug /join in admin mode.