Forum Discussion

klenTAHN's avatar
klenTAHN
Copper Contributor
Nov 04, 2022

MacOS Device setup with Endpoint Manager

I have recently taken over management of my company's Intune/Endpoint Manager environment for management of iOS and MacOS devices. The current setup has multiple configuration profiles that are assig...
Intune
mobile device management (mdm)
Moe_Kinani's avatar
Moe_Kinani
Bronze Contributor
Nov 06, 2022

Hi klenTAHN,


I guess you’re using User Affinity Enrolment method in your macos enrolment profile. Apple Setup Assistant prompts during the enrolment process to login to Azure which support modern authentication now.

 

Do you know what user the techs are using during the process(this step is before creating local admin)? To do a workaround to the issue you seeing, I would ask the techs to use the employee creds during enrollment process, this will eliminate that issue with Intune Portal and re-enrollment. Because user affinity enrolment is one to one relationship, you can’t use DEP account. Otherwise you have to use device type but that’s not your requirements. 

I have included three articles, note the 2nd one shows the enrolment when modern authentication not supported. 

Hope this helps!

Moe

 

From MSFT docs-

’Use this method to automate the enrollment experience on devices purchased through Apple Business Manager or Apple School Manager. Automated device enrollment deploys the enrollment profile over-the-air, so you don't need to have physical access to devices.’


https://learn.microsoft.com/en-us/mem/intune/enrollment/macos-enroll?WT.mc_id=EM-MVP-5003177

 

https://hmaslowski.com/home/f/corporate-macos-automated-device-enrollment-ade-to-memintune

https://oliverkieselbach.com/2021/07/14/comprehensive-guide-to-managing-macos-with-intune/