Oct 05 2018 01:23 PM
Oct 06 2018 02:14 AM
Solution
Hi Bob,
auto-enrollment is not supported when not used with OOBE and AADJ. But you could use an approach to guide users to MDM enrollment by sending out deep links via email for example. See here:
best,
Oliver
Nov 04 2018 04:52 PM
Hi Oliver,
so what should companies that have long been using AAD joined devices and want to start using Intune, leveraging the Intune Management Extension, do, since the extension is only installed once MDM is auto-enrolled and MDM cannot be auto-enrolled because the client is already joined to Azure AD?
What's the best solution for that?
Thanks
Dec 03 2018 04:31 AM
Dec 19 2018 02:35 AM
Hi,
could you PM me some more details about how many devices are blocked by this? This would be helpful for MS.
best,
Oliver
Dec 28 2018 04:12 AM
I have a similar case here. We have around 40 laptop users using O365, and the devices are connected to Azure AD. Now I want to deploy M365 and Intune for them. I have upgraded the users' subscription to M365, and the Windows version has been upgraded automatically to Windows 10 Business as it should. The computers won't pop up automatically in Intune… I have read that I should cut the current connection to Azure AD on each workstation and re-join the devices manually to Azure AD. I have tested this and the computers do pop up in Intune. This will do the trick, but isn't there a simpler way?
Dec 28 2018 05:45 AM
Dec 28 2018 11:05 AM
Hi Guys,
Haven't had a chance to try this out in my lab, but it looks like enrolment can be triggered with Group Policy "starting Windows 10, version 1709 you can use a Group Policy to trigger auto-enrolment to MDM for Active Directory (AD) domain joined devices."
"When the auto-enrollment Group Policy is enabled, a task is created in the background that initiates the MDM enrollment. The task will use the existing MDM service configuration from the Azure Active Directory information of the user. "
Hope this helps!
Dec 28 2018 11:37 AM
Dec 28 2018 01:22 PM
Ok... so to make sure I'm following your scenario 🙂
You have a large deployment of W10 machines in Workgroups (not joined to on-prem Active Directory), which have been Azure device joined (not Hybrid/ADDJ), and you want to trigger Intune auto-enrolment?
Dec 28 2018 01:29 PM
Dec 29 2018 12:15 PM
Hi Jose,
Spent some time testing your scenario in my lab, and as suspected, you don't need to leave AAD and rejoin to trigger silent auto-enrolment 🙂
Please start another thread, tag me and we'll walk through my results.
Kind regards,
Matt
Dec 30 2018 07:38 AM
Matt, could you please post your method here in this thread, since it's where the question was originally posted?
Thanks!
Bob
Jan 04 2019 09:19 AM - edited Jan 04 2019 09:46 AM
Hi All,
Auto-Enrolment can be triggered using local policy. Please ensure users are logging into Windows using their Azure AD credentials, the device is Azure AD joined and users have been assigned Intune licenses.
Local policy can be configured using GPEdit.msc or applying the registry key below. Agreed this doesn't help in scenarios where you have roaming users, however the reg key could be deployed using PowerShell when users visit the Office.
** Tested using W10 - 1809
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM]
"AutoEnrollMDM"=dword:00000001
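One way to deploy the registry value from the post above with PowerShell, as an added example that is not part of the original post or Microsoft's own tooling. The function names `Test-AzureAdJoined` and `Set-MdmAutoEnrollPolicy` are hypothetical; the script assumes an elevated session and checks the Azure AD join prerequisite the post lists before writing the value.

```powershell
#Requires -RunAsAdministrator
# Added example: applies the AutoEnrollMDM policy value quoted in the thread,
# but only on a device that reports itself as Azure AD joined.

$PolicyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM'
$ValueName  = 'AutoEnrollMDM'

function Test-AzureAdJoined {
    # dsregcmd /status prints a line of the form "AzureAdJoined : YES" (or NO).
    $status = & dsregcmd.exe /status 2>$null
    return [bool]($status | Select-String -Pattern '^\s*AzureAdJoined\s*:\s*YES\s*$' -Quiet)
}

function Set-MdmAutoEnrollPolicy {
    [CmdletBinding(SupportsShouldProcess)]
    param()

    # The post names Azure AD join as a prerequisite, so stop early without it.
    if (-not (Test-AzureAdJoined)) {
        throw 'Device is not Azure AD joined; prerequisite from the post is not met.'
    }

    # Create the policy key only if it is missing (safe to run repeatedly).
    if (-not (Test-Path -Path $PolicyPath)) {
        if ($PSCmdlet.ShouldProcess($PolicyPath, 'Create policy key')) {
            New-Item -Path $PolicyPath -Force | Out-Null
        }
    }
    if ($PSCmdlet.ShouldProcess("$PolicyPath\$ValueName", 'Set DWORD 1')) {
        New-ItemProperty -Path $PolicyPath -Name $ValueName `
            -PropertyType DWord -Value 1 -Force | Out-Null
    }

    # Read the value back so a deployment tool can log the outcome per device.
    $current = (Get-ItemProperty -Path $PolicyPath -Name $ValueName `
        -ErrorAction SilentlyContinue).$ValueName
    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        AzureAdJoined = $true
        AutoEnrollMDM = $current
        Applied       = ($current -eq 1)
    }
}

Set-MdmAutoEnrollPolicy
```

Running it with `Set-MdmAutoEnrollPolicy -WhatIf` shows what would be written without changing the registry.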
Jan 14 2019 06:09 AM
Hey José,
currently the supported way is to re-join to trigger Intune Management Extension installation via auto-enroll. The only thing I can tell is the product group is aware of this. No information if it will change but they are aware.
best,
Oliver
Jan 14 2019 06:57 PM
Thanks for the reply Oliver. I was just looking for an official confirmation that this is the only supported way. It's going to be tough to tell that to our clients but it is what it is.
Thanks
Jan 20 2019 05:21 PM
Yes, that is the only way; I had to do it for at least 50 laptops.
Jan 21 2019 07:20 AM
Hello, if it's for Autopilot you can try what Robin posted in his blog:
https://www.robinhobo.com/automatic-add-existing-windows-10-devices-to-windows-autopilot/
Jan 29 2019 03:09 PM
Hi Kaya,
thanks for your reply, but that doesn't work because the devices are currently not managed by Intune
"For this blog I have the following assumptions;
Imagine the following scenario: a company which is cloud only and all the devices (hundreds) are joined to Azure AD. They never saw the benefits of Intune before, so the MDM was never configured. Now they are getting into the idea of managing these devices via Intune only and leveraging the App Distribution provided by Intune (which requires the Intune Management Extension). The only way the Management Extension is installed automatically is when the device is joined to Azure AD. So for this company to be enabled with Intune and the Mgmt Extension, they need to manually re-join all its devices to Azure AD.
That is sadly the only way it currently works.
Feb 13 2019 04:25 PM
I am running into this exact same scenario. The previous director of IT only enrolled in the Office 365 plan with Azure Active Directory, and we now want to use MDM with Intune, and it's turning out that we can't because everyone is already signed into Azure Active Directory.