Edge Default App Associations and Azure AD registered Devices

Brass Contributor

Hi all.

I recently made a configuration profile in Intune which sets the default app associations for Microsoft Edge Browser in Windows.


  1. Export XML with "dism /online /export-defaultappassociations:appassoc.xml"
  2. removed all non-Microsoft Edge browser-related application associations
  3. converted XML in Base64
  4. Enter the code in Settings Catalog > Application Defaults > Default Associations Configuration
  5. Assigned to Device Group

So far so good. The policy gets applied on AADJ and AADR Devices says Intune but in practice the AADR Device doesn't change the associations. On AADJ Devices it works fine and I also have an Event Viewer entry with ID 814, which is missing on the AADR Device.


Is it possible that AADR Devices can't get this policy applied? And what are the Intune limitations for AADR Devices, I really couldn't find any useful documentation.


Many thanks for advice and help <3

5 Replies

@preuley30 - Steve Thomas and crew provided some troubleshooting tips in today's episode of Unpacking Endpoint Management: Unpacking endpoint management - Tips and best practices from MVPs | Tech Community (microsoft.com)

Hi @preuley30 


I’m not surprised to hear this, An Azure AD-registered device is "lightly managed" by Azure AD admins. If the devices belong to your organization why don’t you join them to AADJ like others. Azure AD registered devices are mostly used as BYOD. 

Hope this helps!


Here is great post by Tim Warner:



I thought that if you can deploy apps on AADR Devices you can also deploy a simple configuration for the default browser association. But this seems not possible.
You could always create a win32app with a powershell command and that XML in it to import it to those devices.... Its kinda weird that, that config didn't applied on aadr devices... as a lot does work'