Forum Discussion

Paul_Lawrence's avatar
Paul_Lawrence
Copper Contributor
Mar 08, 2023

Intune Enrollment with Autopilot

I need some help please.  I'm trying to get Autopilot and Intune working in our environment.  We have a goal of all new corporate devices to be Azure AD joined only and to be managed by Intune.   I...
Autopilot
Intune
mobile device management (mdm)
Rudy_Ooms_MVP's avatar
Rudy_Ooms_MVP
MVP
Mar 08, 2023

One thing I havent completed yet is the MDM CNAME setup " 🙂 My advice configure the mdm cname and try again

I am also missing the enrollment status page in your question... (OOBE it got to the desktop) it should show you the enrollment status page 🙂 so if you have configured that one, please do

  • Paul_Lawrence's avatar
    Paul_Lawrence
    Copper Contributor
    Mar 21, 2023
    Apologies for the late response, Ive been on holiday.

    So I got the CNAME records for MDM setup yesterday and it still doesn't seem to work. I imported my device into the Autopilot devices list and assigned it to my user account. The device and my user account are a member of a Autopilot test group, AZ-SG-AutoPilot-Test, that has been assigned to the following:

    Enrollment Status Page, using the default one but with some changes:

    Show app and profile configuration progress: Yes
    Show an error when installation takes longer than specified number of minutes@ 60
    Show custom message when time limit or error occurs: Yes
    Error message: "Setup could not be completed. Please try again or contact your support person for help."
    Turn on log collection and diagnostics page for end users: Yes
    Only show page to devices provisioned by out-of-box experience (OOBE): No
    Block device use until all apps and profiles are installed: Yes
    Allow users to reset device if installation error occurs: Yes
    Allow users to use device if installation error occurs: No
    Only fail selected blocking apps in technician phase: No
    Block device use until required apps are installed if they are assigned to the user/device:
    *** Cisco Secure Endpoint ***
    *** Manage Engine Endpoint Central Agent ***

    I've setup a Autopilot Deployment Profile:

    Deployment mode: User-Driven
    Join to Azure AD as: Azure AD joined
    Language (Region): User select
    Microsoft Software License Terms: Hide
    Privacy settings: Hide
    Hide change account options: Hide
    User account type: Standard
    Allow pre-provisioned deployment: No
    Apply device name template: Yes
    Enter a name: MA%SERIAL%
    Assignments:
    Included groups: AZ-SG-AutoPilot-Test
    Excluded groups:
    Scope tags:

    All my apps have been assigned to the same group "AZ-SG-AutoPilot-Test". So I reset my test device, and it started the OOBE, The deployment profile seems to have run as it only asked me to set my keyboard / language settings. and it changed my computer name to MA%SERIAL%. After a couple of reboots I got my desktop. I didnt see an Enrollment Status Page not did it block my access while the two apps specified were installed. I checked the Intune console and I couldn't see my device as being enrolled. It did appear in Azure AD as a Autopilot device.

    I just cant seem to get Autopilot to enroll my device in Intune. I've tried to simplify everything by only using one group to which my user account and my device are assigned to. Any ideas?

Resources