SOLVED

Intune Autopilot Domain Join Profile

Copper Contributor

We are in the process of setting up Autopilot for our Organization. The enrollment profile and domain join profiles are created. When we enroll machines everything succeeds but the machine is attached to the workgroup but not to the domain. The domain join policy shows that it is not applicable to the enrolled machine. We are cloud only org. with no on-prem devices. Not sure why the policy is not applicable to the enrolled machine. Because of this the Apps are not being installed during enrollment. Any help / suggestion would be helpful.

 

P.S.: The machine being enrolled is using a generic RTM Windows 11 Pro key and is not activated.

3 Replies
best response confirmed by sramkumars (Copper Contributor)
Solution

Not sure if I understand this correctly, but you have no Active Directory at all? If so, you need a deployment profile and optionally configure the ESP (Enrollment Status Page). (Check group assignments on both at least) The machine is joined to the workgroup "WORKGROUP" but Azure AD Joined.

Perhaps you expected to have to configure a domain to join, with the domain being the Azure AD Name? (What name did you configure?)

And I think it's not applicable because you don't have Azure AD Connect or the hybrid join agent installed in your case.

@Harm_VeenstraThanks for the time and response. We have configured the deployment profile and ESP. The deployment is successful. The expectation was that the machine will join to the domain (with AAD name). Understood that domain join needs a DC in the first place and AAD is not a DC.  :smile:

Ah, no problem and glad it's all ok! And I understand that completely, I thought the same years ago and it's something that you would expect coming from Active Directory ;)
1 best response

Accepted Solutions
best response confirmed by sramkumars (Copper Contributor)
Solution

Not sure if I understand this correctly, but you have no Active Directory at all? If so, you need a deployment profile and optionally configure the ESP (Enrollment Status Page). (Check group assignments on both at least) The machine is joined to the workgroup "WORKGROUP" but Azure AD Joined.

Perhaps you expected to have to configure a domain to join, with the domain being the Azure AD Name? (What name did you configure?)

And I think it's not applicable because you don't have Azure AD Connect or the hybrid join agent installed in your case.

View solution in original post