Forum Discussion
Intune auto MDM enrollment for devices already Azure AD joined?
Hi Bob,
auto-enrollment is not supported when not used with OOBE and AADJ. But you could use an approach to guide users to MDM enrollment by sending out deep links via email for example. See here:
best,
Oliver
Hi BENT17,
please have a look at "Scenario 8" in the article "Managing Windows 10 with Intune – The Many Ways to Enrol", you need to set two different GPOs, one that controls hybrid AAD join and one that controls Intune MDM enrollment:
Managing Windows 10 with Intune – The Many Ways to Enrol
Enroll a Windows 10 device automatically using Group Policy
best,
Oliver
Interesting read Oliver Kieselbach
My Devices are all domain joined on a local on prem DC and then we use the work account for authentication. In fact if I run dsregcmd /status this is what I get
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : YES
- Any idea what I can do?
- Hi Bent. Have you configured intune auto enrollment? If you haven’t before you configured the gpo and now the devices are local ad joined and azure ad enrolled (showing under Azure AD Devices but not all devices) i’m afraid you will have to enable auto enrollment and delete de devices from azure ad devices (do a test with only one to see before you delete everything.
Yes I have configured auto enrolment to a specific group. I then configured the MDM gpo to auto enrol also. My devices are all local AD joined and have a work O365 account linked to the PC. I deleted the PC from under AD Azure Device, formatted the PC and once back up it re appeared under AD Azure PC but not under all devices.
