Controlling device enrollment

Hi everyone. I used to add Android device S/Ns as corporate identifiers and block personal devices from joining our Intune. This works pre-Android 10 but not any more. What I want to do is not allow any user to enroll a mobile device unless IT specifically allows it. In the case of iOS we add the SN as a corporate identifier and this works great; the same applied to Android <10. I have a workaround for now; however, does anyone know of a way to do this? I have a banned device group and this prevents devices becoming compliant, but I cannot make this dynamic, so when a user registers a device we get an enrolment notification and we then ban the device, which is workable but clumsy. If anyone has any ideas, solutions or suggestions I would really appreciate your time on this.


