Oct 12 2022 09:58 AM
Hi
Have I missed something here, I have a test device classified as personal where the user is in scope for Azure ad Join, Is NOT part of the MDM user Scope and personal devices is blocked.
During OOBE I get an error when setting up the device for corporate use (80180014), which is due to the enrollment restrictions blocking personal devices as I can see the report in Intune.
However why is the device not trying to Join Azure AD only? As the user is not in scope for Auto MDM join, I was expecting the device to Azure AD join only, or is the OOBE configured to try and enroll to Intune irrespective of the Intune MDM scopes and Azure AD only join is only via Windows settings?
Thanks
James
Oct 12 2022 10:47 PM - edited Oct 12 2022 11:42 PM
Mmmm... when enrolling an existing device to aadj or aadr within windows and you have blocked personal device enrollments and the user is not in the mdm scope the device would just enroll into aadj or aadr without that error....
Just tried the same but this time from the oobe (windows 11) and started the azure ad join... and it just joined AAD without the error... so the same as with an existing device
Oct 13 2022 11:15 PM