Nov 08 2018 01:15 AM
Nov 08 2018 01:15 AM
Hello,
Under All Devices I found all my computers that have join type "Azure AD Joined" but under "Intune Devices" there is none.
Is there a way to auto enroll Computer that already has Azure AD joined to intune?
//W
Nov 08 2018 06:53 AM
Yes, you can set up auto enrolment.
Steps:
https://docs.microsoft.com/en-us/intune/quickstart-setup-auto-enrollment
Stuart
Nov 08 2018 07:03 AM
Nov 08 2018 07:16 AM
Ah, understood
Does the group scope not still enrol them?
Stuart
Nov 08 2018 07:37 AM
Nov 08 2018 07:41 AM
@Deleted wrote:
I've choosen "all" shouldnt that enroll all computers?
One would imagine so.
What licenses do you have?
Stuart
Nov 08 2018 07:44 AM
Hi,
Enterprise mobility security E3
Nov 08 2018 08:42 AM
OK, maybe raise a wee Support Ticket within the Azure Portal.
Stuart
Nov 12 2018 04:07 AM
Hi William,
the problem is if you enable both enrollment user scopes and when they overlap the MAM scope will take precedence. I guess this is your problem, I've seen this very often.
see here: https://docs.microsoft.com/en-us/intune/windows-enroll
Important
If both MAM user scope and automatic MDM enrollment (MDM user scope) are enabled for a group, only MAM is enabled. Only MAM is added for users in that group when they workplace join personal device. Devices are not automatically MDM enrolled.
to avoid this and get your MDM auto-enrollment working you can either disable the MAM user scope or you enable All for MDM user scope and assign a specific group for MAM user scope. Additionally keep in mind the MAM user scope is not for general MAM on iOS or Android, it is for the MAM Windows feature. It's the Windows Information Protection feature basically.
best,
Oliver
Nov 12 2018 04:40 AM
@Oliver Kieselbach wrote:Hi William,
the problem is if you enable both enrollment user scopes and when they overlap the MAM scope will take precedence. I guess this is your problem, I've seen this very often.
see here: https://docs.microsoft.com/en-us/intune/windows-enroll
Important
If both MAM user scope and automatic MDM enrollment (MDM user scope) are enabled for a group, only MAM is enabled. Only MAM is added for users in that group when they workplace join personal device. Devices are not automatically MDM enrolled.
to avoid this and get your MDM auto-enrollment working you can either disable the MAM user scope or you enable All for MDM user scope and assign a specific group for MAM user scope. Additionally keep in mind the MAM user scope is not for general MAM on iOS or Android, it is for the MAM Windows feature. It's the Windows Information Protection feature basically.
best,
Oliver
Superb and very informative answer Oliver
Nov 12 2018 04:43 AM
Hello Oliver,
It is only MDM user scope that is enabled and not MAM.
I just noticed that they have Intune clinet installed :\ I have to remove the devices from the console first.
Thanks!
Dec 03 2018 04:40 AM
Apr 05 2019 11:53 AM
Good news to all, the "Intune In Development" site does list a feature which will be released soon that solves the agent install on devices not auto-enrolled, see here:
You'll be able to assign your Win32 apps to be installed on Intune enrolled Azure AD joined devices. For more information about Win32 apps in Intune, see Win32 app management.
best,
Oliver
Apr 08 2019 05:40 PM
Hi @Oliver Kieselbach , shouldn't ask this question here but have you came across any issues with Windows App (win32) updating to a new version. The issue with the app im trying to update requires the current version to exit so it can install the new version. The install fails cause the old version is still running inWindows 10