Forum Discussion
Re: Intune auto MDM enrollment for devices already Azure AD joined?
6 Replies
Hey José,
currently the supported way is to re-join to trigger Intune Management Extension installation via auto-enroll. The only thing I can tell is the product group is aware of this. No information if it will change but they are aware.
best,
Oliver
Thanks for the reply Oliver. I was just looking for an official confirmation that this is the only supported way. Its going to be tough tell that to our clients but it is what it is.
Thanks
Yes that is the only way, had to do it for at least 50 laptops
Hi Jose,
Spent some time testing your scenario in my lab, and as suspected, you don't need to leave AAD and rejoin to trigger silent auto-enrolment :)
Please start another thread, tag me and we'll walk through my results.
Kind regards,
Matt
Matt, could you please post your method here in this thread, since it's where the question was originally posted?
Thanks!
Bob
Hi All,
Auto-Enrolment can be triggered using local policy. Please ensure users are logging into Windows using their Azure AD credentials, the device is Azure AD joined and users have been assigned Intune licenses.
Local policy can be configured using GPEdit.msc or applying the registry key below. Agreed this doesn't help in scenarios where you have roaming users, however the reg key could be deployed using PowerShell when users visit the Office.
** Tested using W10 - 1809
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM]
"AutoEnrollMDM"=dword:00000001
