Personal devices enrolled into Intune despite being blocked?

%3CLINGO-SUB%20id%3D%22lingo-sub-2823751%22%20slang%3D%22en-US%22%3EPersonal%20devices%20enrolled%20into%20Intune%20despite%20being%20blocked%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2823751%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20still%20fairly%20new%20to%20modern%20device%20management%20so%20please%20forgive%20me%20in%20advance!%20I've%20currently%20got%20several%20hundred%20devices%20enrolled%20via%20Autopilot%20successfully%20into%20MEM%2C%20but%20found%20a%20dozen%20or%20so%20that%20popped%20up%20as%20personal%2C%20despite%20that%20option%20having%20been%20restricted.%20Am%20I%20missing%20something%20that%20is%20allowing%20the%20occasional%20one%20to%20slip%20through%20the%20cracks%3F%20I%20did%20a%20quick%20search%20here%20and%20didn't%20come%20across%20a%20similar%20issue%20so%20figured%20I%20would%20ask.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2823751%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAutopilot%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EPersonal%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Erestriction%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2823998%22%20slang%3D%22en-US%22%3ERE%3A%20Personal%20devices%20enrolled%20into%20Intune%20despite%20being%20blocked%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2823998%22%20slang%3D%22en-US%22%3ESince%20these%20were%20Autopilot%20enrolled%20I%20know%20they%20are%20actually%20approved%20corporate%20devices%2C%20so%20I've%20gone%20ahead%20and%20recommended%20that%20we%20update%20their%20ownership%20status%20manually%2C%20but%20I'm%20still%20curious%20to%20know%20how%20out%20of%20all%20the%20hundreds%20of%20devices%20these%20few%20were%20labeled%20as%20Personal.%20%3D)%3C%2Fimg%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2866828%22%20slang%3D%22en-US%22%3ERE%3A%20Personal%20devices%20enrolled%20into%20Intune%20despite%20being%20blocked%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2866828%22%20slang%3D%22en-US%22%3EHey%20Rudy%20thanks%20for%20the%20reply%20and%20I%20just%20wanted%20to%20follow%20up%20here.%20It%20looks%20like%20the%20devices%20were%20marked%20as%20Corporate%20but%20during%20the%20OOBE%20a%20few%20of%20the%20end%20users%20must%20have%20selected%20%22personally%20owned%20device%22%20by%20accident%20which%20seems%20to%20have%20carried%20thru%20the%20process.%20If%20they%20hadn't%20have%20already%20been%20identified%20as%20corporate%20owned%2C%20I%20suspect%20they%20would%20have%20been%20blocked%20from%20enrolling%20altogether.%20At%20least%20it%20was%20a%20quick%20fix%20by%20going%20in%20and%20editing%20them%20back%20to%20Corporate%20ownership%20status.%20%3D)%3C%2Fimg%3E%3C%2FLINGO-BODY%3E
Microsoft

I'm still fairly new to modern device management so please forgive me in advance! I've currently got several hundred devices enrolled via Autopilot successfully into MEM, but found a dozen or so that popped up as personal, despite that option having been restricted. Am I missing something that is allowing the occasional one to slip through the cracks? I did a quick search here and didn't come across a similar issue so figured I would ask.

4 Replies
Since these were Autopilot enrolled I know they are actually approved corporate devices, so I've gone ahead and recommended that we update their ownership status manually, but I'm still curious to know how out of all the hundreds of devices these few were labeled as Personal. =)
You could be sure that with that enrollment restrictions no "personal" devices could be enrolled

For Corporate devices”. So what makes a device corporate? The device needs to be: Azure Ad joined (Autopilot/User-Driven/OOBE) or enrolled with Apple Business Manager / DEP to be marked as Corporate.(or manually changed in Intune after enrollment)

https://call4cloud.nl/2021/08/the-battle-between-aadj-and-aadr/
Hey Rudy thanks for the reply and I just wanted to follow up here. It looks like the devices were marked as Corporate but during the OOBE a few of the end users must have selected "personally owned device" by accident which seems to have carried thru the process. If they hadn't have already been identified as corporate owned, I suspect they would have been blocked from enrolling altogether. At least it was a quick fix by going in and editing them back to Corporate ownership status. =)
:).. sometimes the solution is easier than you might think.. So the issue was the last part in my sentence :) : (or manually changed in Intune after enrollment) . Thanx for replying back