Sep 17 2024 10:53 PM
Hello Everyone,
I have a question regarding policy enforcement in a workgroup environment where devices are enrolled into Intune (e.g., via package provisioning). In this scenario, users continue to log in with their local accounts/profiles on Windows rather than using Azure AD accounts.
Do we need to configure all policies to target devices only, given that the users aren't logging in with Azure AD accounts?
If policies are assigned to AAD users, will they be applied, or will they be ignored because users are logging in with their local accounts?
Your guidance and insights on the best approach for managing policies in this setup would be greatly appreciated.
Thank you
Sep 23 2024 07:26 PM
@drivesafely If your AD is syncing to Entra ID (Azure AD) through AAD sync and the workstation is managed in Intune, then policies will be pushed to the system when a user logs into it. I've been deploying policies this way in conjunction with GSA and GSA client successfully.