May 04 2021 10:17 AM - edited May 04 2021 10:19 AM
When we enable the Intune policy "Block write access to devices configured in another organization" in the Intune BitLocker policy,
we also need to deploy an on-prem GPO policy: "Provide unique identifier for your organization".
This will allow the PC to differentiate the Org it belongs to.
The GPO policy "Provide unique identifier for your organization" is missing in Intune.
Because of this, we cannot use the Intune policy "Block write access to devices configured in another organization".
Looking for suggestions on how we can implement "Block write access to devices configured in another organization" in Intune for Azure AD Join (not hybrid domain join)?