Hi guys,

Im having some trouble and also some questions about the correct enrollment method, when Im using a Shared multi-user device Configuration Profile. In this article https://docs.microsoft.com/en-us/windows/configuration/set-up-shared-or-guest-pc  the author says, that a shared multi-user device has to be enrolled by a person with the appropriate rights. So it has to be enrolled with AAD joined enrollment method and thats not optimal lets say so.

I tried to enroll a device with the AAD Selfdeploy enrollment method, but with that I ran into an error, during enrollment. But the enrollment still let me continue with the process, and than all worked fine there was the guest account as it should be and I also had an Intune object created. But it seems with shared multi-user device config I cannot use the AAD Selfdeploy enrollment or its not recommended?

Its all still on a test scenario basis, but if we want to enroll this now in our productive environment, someone has to Join these devices to AAD. But then the device is assigned to that user, and that is not what we want. We want for these shared devices that the license is on the device not the user (obviously on a shared device)

The shared multi-user device profile would be the best available scenario in my opinion for our required scenario and for our users. We dont want to use the kiosk single app or multi app mode, because thats to harsh restrictions. In the past we worked with a local account on our shared devices, and with that account the people could then login to our citrix environment. But they also had the possibility to store data local and use the device for presentation and so on.

So we could also possibly use the AAD join Selfdeploy mode for that requirement, but then every user has to login on that device with their own user, and our employees are not that high on the IT level if you know what I mean.

Maybe you guys have some recommendations about this issue.

Thanks a lot