cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Issues with MDM enrollment of AAD joined devices

roelheymans
Copper Contributor

‎Dec 28 2020 04:11 PM

‎Dec 28 2020 04:11 PM

Issues with MDM enrollment of AAD joined devices

We have windows 10 devices already AAD joined prior to configuring Intune. 

When enrolling those devices into MDM, we get the following issues in MEM:

  • Discovered apps: No installed applications found on this device
  • Bitlocker recovery keys: No BitLocker recovery key found for this device
  • While the devices have an autopilot policy assigned, autopilot reset is greyed out

Registering a new device to the tenant works as expected, without the above issues. 

 

How do we get our AAD joined devices to play along nicely with Intune MDM?

 

 
 
 
 
2,961 Views
0 Likes
2 Replies
Reply
2 Replies
PDostiyar

‎Dec 30 2020 06:05 AM

‎Dec 30 2020 06:05 AM

Re: Issues with MDM enrollment of AAD joined devices

@roelheymansI think the best practice will be to enable the same user group to be able to join devices to Azure AD and also enroll them into intune...

 

I am not sure how you have done the setup is everyone allowed to join their devices to Azure AD and then what is the enrollment rule...

 

what I have done to make it easy have created a static Security group where I add manually users when they come on board... the same group is allowed on Azure that only this group can join devices to Azure, and in the Intune enrollment section the same group is allowed to enroll the devices into intune...

 

so this way once someone clicks on Add the devices to Azure Active Directory in the same process the device is joined to Azure AD and then enrolled into Intune...

 

Please let me know if you have anything else specific....

0 Likes
Reply
roelheymans

‎Dec 31 2020 06:02 AM

‎Dec 31 2020 06:02 AM

Re: Issues with MDM enrollment of AAD joined devices

That is indeed the way we have set it up and it works for new devices.

However, devices already AAD joined before MDM was configured, end up partially configured with no apparent way to correct it. 

 
 
 
 
0 Likes
Reply