Forum Discussion
Devices in AAD not showing in InTune
Hi All,
We run a hybrid domain with an on-prem domain controller and sync to Azure AD.
The problem I have is getting machines to register in our intune, they are listed in azure AD as "Azure AD Registered" biut with MDM as "none".
Whats the easiest way for me to register them in our MEM/Intune?
Thanks
6 Replies
- When configuring azure ad hybrid, a scp will be created. Instead of filtering on ou's in azure ad connect take a look at this blog:
https://call4cloud.nl/2020/12/fantastic-mr-sso/
You can assign a gpo to specific devices to enroll into azure ad hybrid - What is your MDM solution at the moment? SCCM? In order for you to see devices in Intune, you have to enroll them via CoManagement or another way is via auto-enrollment, here's where to start: https://docs.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy#:~:text=Auto-enrollment%20into%20Intune%20via%20Group%20Policy%20is%20valid,joined,%20run%20dsregcmd%20/status%20from%20the%20command%20line.
Thanks for the feedback.
I have checked the AD Connect settings and AAD, I believe we are syncing correctly.
If I go ahead and create a test OU and apply the auto-enrollment GPO should that work?
- Hi Mat,
Two thing you need to do to have Hybrid AD join Machines:
1. Configure Hybrid AD Join from ADConnect and then sync to have showing in AAD as Hybrid AAD joined devices.
Check Configure Hybrid Azure AD Join section:
https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains
2. Then assign the proper Intune license and enroll the devices using either Gpo or manually.
https://docs.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy
Hope this helps!
Moe
