Jun 27 2019 03:38 PM
Hello,
All our clients are joined to an Active Directory. Is there a way to enroll Intune MDM on these devices without user input?
To connect our AD to Azure AD we use AD Connect.
Thanks for your help
Stefan
Jun 28 2019 01:03 AM
Are the clients hybrid Azure AD joined?
If so, do a local GPO:
JT
Jun 30 2019 07:18 AM - edited Jun 30 2019 07:21 AM
@jenstf Thanks for your good answer.
How can I bring the clients to Azure AD joined?
I do not want to disconnect the clients from the internal AD domain.
Edit: Is this the right way https://docs.microsoft.com/de-de/azure/active-directory/devices/hybrid-azuread-join-managed-domains ?
Jun 30 2019 11:03 PM
Yes, that article is a good starting point and with Hybrid AAD enabled you are on your way to get rid of the stuff on the ground and move to the sky 😄
Jul 01 2019 12:59 PM
Hey,
You need to do 3 things at a high level.
Computer Configuration > Policies > Administrative Templates > Windows Components > Device Registration.
Computer Configuration > Policies > Administrative Templates > Windows Components > MDM > Enable automatic MDM enrollment using default Azure AD credentials
Here is a good starting block for points 1 and 2:
https://www.adamfowlerit.com/2018/08/azure-ad-hybrid-joined-devices-overview/
Point 3