Intune GPO Questions

Iron Contributor

Hi All

 

Sorry, I haven't posted for a while.

 

Anyway, I need some clarification on the Intune Auto Enrolment GPO.

1. Once the GPO is created, on the Security Filtering, is Domain Computers a valid choice or should a dedicated device group be created?

2. If configuring AutoPilot is the Intune Auto Enrolment GPO still required?

 

Info appreciated

1 Reply

@StuartK73 

 

Hi,

1. I think it would be best practice to target a specific group/ou instead of targetting all domain computers. I don't know how many devices you have, but I guess when suddenly 1000 devices enrolled into intune... you maybe got some work
2. With the gpo you ensure already existing domain/hybrid azure ad joined device are enrolling into intune. If you are using autopilot for an hybrid azure ad join you will need the intune connector.
The blog from anoop describes the whole process

https://www.anoopcnair.com/windows-autopilot-hybrid-domain-join-guide/