Oct 05 2018 01:23 PM
Feb 13 2019 05:13 PM
Feb 13 2019 06:05 PM
Feb 14 2019 01:24 PM
This would require a reset to implement for intune enrollment, probably out of the OP's scope.
Feb 25 2019 06:41 AM
I have hundreds of laptops which I need to enrol to Intune. I have set up the GPO to auto enrol but all they do is appear under Azure AD Devices and not under All devices. I need them under All devices so that I can manage them. If I download the company portal and follow the steps then the laptop gets enrolled, however I want this to be transparent and automatically enrolled. Any help??
Feb 25 2019 07:20 AM
Hi BENT17,
please have a look at "Scenario 8" in the article "Managing Windows 10 with Intune – The Many Ways to Enrol", you need to set two different GPOs, one that controls hybrid AAD join and one that controls Intune MDM enrollment:
Managing Windows 10 with Intune – The Many Ways to Enrol
Enroll a Windows 10 device automatically using Group Policy
best,
Oliver
Feb 25 2019 07:35 AM
Interesting read @Oliver Kieselbach
My Devices are all domain joined on a local on prem DC and then we use the work account for authentication. In fact if I run dsregcmd /status this is what I get
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : YES
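Added example, not part of any post in this thread: a PowerShell check that reads `dsregcmd /status` text and reports the join state, which is what separates the hybrid AAD join GPO from the MDM enrollment GPO mentioned in the reply above. The helper name `Get-JoinState` and the sample text are constructed for illustration; a device counts as hybrid joined when `AzureAdJoined` and `DomainJoined` are both `YES`.

```powershell
# Added example, not from the thread. $sample is constructed to mirror the
# three fields quoted in the post above.
$sample = @'
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : YES
'@

function Get-JoinState {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$StatusText)

    # Collect "Name : VALUE" pairs; lines whose value contains spaces are skipped.
    $fields = @{}
    foreach ($line in ($StatusText -split "`r?`n")) {
        if ($line -match '^\s*(\w+)\s*:\s*(\S+)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }

    # A missing field compares as $false, so partial output is handled.
    $aad    = $fields['AzureAdJoined']   -eq 'YES'
    $domain = $fields['DomainJoined']    -eq 'YES'
    $wpj    = $fields['WorkplaceJoined'] -eq 'YES'   # Azure AD registered

    if ($aad -and $domain) {
        $state = 'Hybrid Azure AD joined'
    } elseif ($aad) {
        $state = 'Azure AD joined'
    } elseif ($domain -and $wpj) {
        $state = 'Domain joined and Azure AD registered'
    } elseif ($domain) {
        $state = 'Domain joined only'
    } elseif ($wpj) {
        $state = 'Azure AD registered only'
    } else {
        $state = 'Not joined'
    }

    [pscustomobject]@{
        State        = $state
        HybridJoined = ($aad -and $domain)
    }
}

Get-JoinState -StatusText $sample
# On a live device: Get-JoinState -StatusText ((dsregcmd /status) -join "`n")
```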
Feb 25 2019 10:57 PM
Feb 25 2019 11:56 PM
Feb 26 2019 12:00 AM
Yes I have configured auto enrolment to a specific group. I then configured the MDM GPO to auto enrol also. My devices are all local AD joined and have a work O365 account linked to the PC. I deleted the PC from under AD Azure Device, formatted the PC and once back up it reappeared under AD Azure PC but not under all devices.
Feb 26 2019 09:26 AM - edited Feb 26 2019 09:35 AM
This might be the solution for our problem at least for small organizations ->
Check out the section:
Feb 26 2019 11:49 PM
By running that I didn't need to have the portal installed and neither did the user need to be an admin to enrol. Is there a way to automatically enrol the device automatically and skipping the manual steps?
Feb 26 2019 11:55 PM
Apr 05 2019 11:52 AM
Good news to all, the "Intune In Development" site does list a feature which will be released soon that solves the agent install on devices not auto-enrolled, see here:
You'll be able to assign your Win32 apps to be installed on Intune enrolled Azure AD joined devices. For more information about Win32 apps in Intune, see Win32 app management.
best,
Oliver
Jun 12 2019 05:40 AM - edited Jun 12 2019 05:41 AM
@Deleted
Did you ever find a solution to automate the "Enroll only in device management" button?
After days of searching, finally I found a way to get PowerShell scripts on my AD REGISTERED (not joined) machines... and it's by using this "Enroll only in device management" button. For some reason this is different than adding your account with auto-enroll set up.
Now, my machines receive MDMFull instead of MDMFullWithAAD and I can manually install the Intune Management Extension and get PowerShell scripts.
Now if I could just apply this to my users automatically without removing them from AD and rejoining them manually. Any tips? Thanks
Jun 13 2019 07:03 AM
@Deleted
Existing AAD Device - try bulk enrollment - it will probably rejoin the device to AAD but after a few days, I believe the records will merge. Be patient.
https://docs.microsoft.com/en-us/intune/windows-bulk-enroll
Jun 14 2019 07:07 AM
Bulk enrollment requires you to send a .ppkg manually to each device that is already enrolled. Not really an option.
Oct 02 2019 09:54 PM
The easiest way is to just go to the "Access Work or School" setting, and then click "Connect" again, and sign in again. This will apply the MDM policy as long as the user you're using has that license applied to them.
I'm doing this now as we're deploying MDM on an Azure AD environment. It's still manual, but it's not that bad. Users could also do this if they have an MDM license.
Jan 03 2020 10:07 AM
@wombat39 This got the device into Intune, however it looks like it adds the device as a BYOD device (personal) and not a corporate device.
Jun 17 2020 03:22 AM
We have on premise AD using AD connect to sync details to AAD, all users are using M365.
We have followed the instructions to auto enrol
https://docs.microsoft.com/en-us/mem/intune/enrollment/windows-enroll
but so far, none of our test clients are enrolling.
User 1 – Domain joined on local prem DC
AzureAdJoined: YES
EnterpriseJoined: NO
DomainJoined: YES
User 2 – Device joined to Azure AD
As others have mentioned, we would like to minimise the disruption to end users, hence why we were looking to use the auto enrolment option.
Aug 22 2020 08:41 AM - edited Aug 22 2020 08:43 AM
Frustrating situation. I found this solution. Specifically I used the PowerShell script and deployed via RMM agent installed on systems already. Script adds registry key then creates scheduled task to start MDM enrollment. Hope this helps someone.