Apr 21 2021 05:05 AM
Hi All
Sorry, I haven't posted for a while.
Anyway, I need some clarification on the Intune Auto Enrolment GPO.
1. Once the GPO is created, on the Security Filtering, is Domain Computers a valid choice or should a dedicated device group be created?
2. If configuring AutoPilot is the Intune Auto Enrolment GPO still required?
Info appreciated
May 01 2021 03:08 AM
Hi,
1. I think it would be best practice to target a specific group/ou instead of targetting all domain computers. I don't know how many devices you have, but I guess when suddenly 1000 devices enrolled into intune... you maybe got some work
2. With the gpo you ensure already existing domain/hybrid azure ad joined device are enrolling into intune. If you are using autopilot for an hybrid azure ad join you will need the intune connector.
The blog from anoop describes the whole process
https://www.anoopcnair.com/windows-autopilot-hybrid-domain-join-guide/