cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Azure Ad joined device integration to Microsoft Intune

TechNabin
Copper Contributor

‎Sep 11 2023 08:20 PM

‎Sep 11 2023 08:20 PM

Azure Ad joined device integration to Microsoft Intune

Hi all, just had a quick question to everyone, is there a way to integrate Azure Ad joined devices to Microsoft Intune Without any end user intervention?

 

I also have a RMM agent in all of the computers which I want to integrate in Intune, not sure if that would help. Additionally, we don't have an on-prem server and are completely based out of Azure. So, Intune connector won't work for us as well. Thanks in advance for your response.

3,099 Views
0 Likes
6 Replies
Reply
6 Replies
Wifi_Jay

‎Sep 11 2023 10:53 PM

‎Sep 11 2023 10:53 PM

Re: Azure Ad joined device integration to Microsoft Intune

@TechNabin 

If the device is AzureAD joined, it is by default Intune joined. You can find these devices under https://endpoint.microsoft.com/ and they will list them as either Corporate, or Personal.

Any devices in this portal are Intune joined.

For a brand new out of box laptop/desktop, you can join them to AzureAD/Intune by doing any of the following

- Logging in with a domain email address and password (providing the account meets all of the tenant conditions for allowing device join)

- Using Windows Autopilot device (determined at manufacturer or by using a powershell script on the device before deployment

- Using Windows Configuration Designer to prepare the device before deployment

 

Note that I use option 3 most of the time, and option 1 for one-off deployments. From a mass performance perspective you may want to look at option 2 or 3. 

 

To roll out the RMM agent (or any application in general) you use App Deployment in Intune (found in the https://endpoint.microsoft.com portal). Roll the msi out via App deployment policy. Intune will deploy to your Intune devices that meet the device/user membership policy.

 

So short answers aare

1) yes, AzureAD join is Intune managed by default

2) Yes Device needs to be prepped before deployment (Autopilot, Windows Config Designer, Manual login via OOBE)

3) Yes, App deployment via Intune to all AzureAD joined devices that meet membership policy 

0 Likes
Reply
best response confirmed by TechNabin (Copper Contributor)
rahuljindal-MVP

‎Sep 11 2023 11:13 PM - edited ‎Sep 11 2023 11:18 PM

‎Sep 11 2023 11:13 PM - edited ‎Sep 11 2023 11:18 PM

Solution

Re: Azure Ad joined device integration to Microsoft Intune

If you got the RMM agent installed then you might be able to automate the enrollment. As I see it, you will first need to enable automatic MDM enrollment first. Once done, you can push a PS script to initiate the automatic enrollment.

0 Likes
Reply
TechNabin

‎Sep 11 2023 11:18 PM

‎Sep 11 2023 11:18 PM

Re: Azure Ad joined device integration to Microsoft Intune

@rahuljindal-MVP do you happen to have a script for it? If you have could you kindly share this script?
0 Likes
Reply
TechNabin

‎Sep 11 2023 11:20 PM

‎Sep 11 2023 11:20 PM

Re: Azure Ad joined device integration to Microsoft Intune

hi @wifijay the devices in question do show up in Azure AD but not in my Endpoint manager portal so i believe i would need to enroll this to endpoint manager..
0 Likes
Reply
rahuljindal-MVP

‎Sep 11 2023 11:35 PM

‎Sep 11 2023 11:35 PM

Re: Azure Ad joined device integration to Microsoft Intune

No sorry, I don’t. But I can share the registry keys that you need to configure.

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM]
"AutoEnrollMDM"=dword:00000001
"UseAADCredentialType"=dword:00000001
0 Likes
Reply
Wifi_Jay

‎Sep 11 2023 11:40 PM

‎Sep 11 2023 11:40 PM

Re: Azure Ad joined device integration to Microsoft Intune

@TechNabin 

Ok, i think you need to follow this link
Enroll existing Azure Ad joined Devices into MDM | Intune (call4cloud.nl)

 

My methods are for where the devices are not deployed yet (ie new OOBE, or wipe and reload).

To connect to Intune post AzureAD join try the above link, or ask users to manually register via Company Portal

Enable MDM automatic enrollment for Windows | Microsoft Learn

 

 

 

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by TechNabin (Copper Contributor)
rahuljindal-MVP

‎Sep 11 2023 11:13 PM - edited ‎Sep 11 2023 11:18 PM

‎Sep 11 2023 11:13 PM - edited ‎Sep 11 2023 11:18 PM

Solution

Re: Azure Ad joined device integration to Microsoft Intune

If you got the RMM agent installed then you might be able to automate the enrollment. As I see it, you will first need to enable automatic MDM enrollment first. Once done, you can push a PS script to initiate the automatic enrollment.

View solution in original post

0 Likes
Reply