Home

Installing Intune for MFA with Airwatch MDM

%3CLINGO-SUB%20id%3D%22lingo-sub-177769%22%20slang%3D%22en-US%22%3EInstalling%20Intune%20for%20MFA%20with%20Airwatch%20MDM%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-177769%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20community%2C%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EQuestion%3A%20I%20have%20a%20client%20that%20is%20using%20AirWatch%20for%20MDM.%20(Trying%20to%20move%20to%20Intune%20-%20Long%20story).%20Anyways%20they%20want%20Azure%20MFA%20because%20of%20the%20integration%20with%20PC's%20and%20no%20requirement%20for%20ADFS%20once%20we%20go%20with%203SO%20and%20PTA.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20have%20some%20rather%20strict%20policies%20we%20are%20going%20to%20enforce%20when%20users%20are%20going%20to%20get%20an%20MFA%20prompt.%20i.e.%20never%20on%20approved%20devices.%20So%20for%20the%20mobile%20work%20force%20I%20do%20not%20see%20a%20way%20to%20make%20a%20device%20approved%20unless%20it%20is%20enrolled%20with%20Intune.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESo%20I%20pose%20the%20question%2C%20can%20we%20enroll%20a%20mobile%20device%20with%20Intune%20or%20Azure%20AD%20while%20AirWatch%20is%20providing%20MDM%20(iOS%20and%20Android).%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20I%20am%20missing%20something%20obvious%20here%20please%20let%20me%20know.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-177769%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAirWatch%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20MFA%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EDevice%20enrollment%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMDM%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Emfa%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMobile%20Device%20Management%20(MDM)%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-177970%22%20slang%3D%22en-US%22%3ERe%3A%20Installing%20Intune%20for%20MFA%20with%20Airwatch%20MDM%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-177970%22%20slang%3D%22en-US%22%3EHi%20Tom%2C%3CBR%20%2F%3E%3CBR%20%2F%3EWhat%20mobile%20device%20would%20you%20like%20to%20enroll%20with%20Intune%20or%20Azure%20AD%3F%20Is%20it%20a%20Windows%20device%2C%20or%20is%20it%20one%20of%20the%20iOS%20or%20Android%20device%20that%20are%20already%20joined%20to%20Airwatch%3F%3CBR%20%2F%3E%3CBR%20%2F%3EIs%20your%20Airwatch%20environment%20also%20connected%20to%20AzureAD%3F%20%3CBR%20%2F%3E%3CBR%20%2F%3EWithin%20Azure%20AD%20under%20MDM%2C%20you%20have%20the%20possibility%20to%20configure%20both%20Intune%20and%20Airwatch%20as%20MDM%20solution.%20You%20can%20then%20assign%20different%20groups%20of%20users%20to%20the%20different%20MDM%20solution.%20The%20devices%20of%20the%20members%20of%20those%20groups%20will%20then%20all%20be%20connected%20to%20the%20MDM%20solution%20they're%20assigned%20to.%3CBR%20%2F%3E%3CBR%20%2F%3EIt%20is%20not%20possible%20to%20enroll%20one%20device%20to%20both%20Intune%20and%20Airwatch.%3CBR%20%2F%3E%3CBR%20%2F%3EI%20hope%20this%20helps.%3CBR%20%2F%3E%3CBR%20%2F%3EBest%20regards%2C%3CBR%20%2F%3ERuud%20Gijsbers%3C%2FLINGO-BODY%3E
Tom Gould
Contributor

Hello community, 

 

Question: I have a client that is using AirWatch for MDM. (Trying to move to Intune - Long story). Anyways they want Azure MFA because of the integration with PC's and no requirement for ADFS once we go with 3SO and PTA. 

 

We have some rather strict policies we are going to enforce when users are going to get an MFA prompt. i.e. never on approved devices. So for the mobile work force I do not see a way to make a device approved unless it is enrolled with Intune. 

 

So I pose the question, can we enroll a mobile device with Intune or Azure AD while AirWatch is providing MDM (iOS and Android). 

 

If I am missing something obvious here please let me know. 

1 Reply
Hi Tom,

What mobile device would you like to enroll with Intune or Azure AD? Is it a Windows device, or is it one of the iOS or Android device that are already joined to Airwatch?

Is your Airwatch environment also connected to AzureAD?

Within Azure AD under MDM, you have the possibility to configure both Intune and Airwatch as MDM solution. You can then assign different groups of users to the different MDM solution. The devices of the members of those groups will then all be connected to the MDM solution they're assigned to.

It is not possible to enroll one device to both Intune and Airwatch.

I hope this helps.

Best regards,
Ruud Gijsbers
Related Conversations
Extentions Synchronization
Deleted in Discussions on
3 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies