Tuesday, September 3, 2024

Enabling Windows automatic enrollment

Automatic MDM enrollment means that when a Windows device joins Entra, it is automatically enrolled into Intune through the MDM enrollment flow.

To configure automatic Windows enrollment, follow these steps:

1. In the Microsoft Intune admin center, go to Devices | Windows | Windows enrollment, followed by Automatic Enrollment:

Figure: Microsoft Intune admin center – Windows automatic MDM enrollment

User enrollment can also be scoped to a group of users, if all your users have an Intune license assigned. The best option is to leverage Intune enrollment restrictions to configure which Windows devices a user can enroll.

2. Make sure to select All for MDM user scope:

Figure: Microsoft Intune admin center – MDM user scope

Here’s what all the options for MDM user scope mean:

•  None: MDM automatic enrollment is disabled.
•  Some: Select the groups that can automatically enroll their Windows devices.
•  All: All users can automatically enroll their Windows devices.

For Windows Bring Your Own Device (BYOD) devices (personal enrollment), the Mobile Application Management (MAM) user scope takes precedence if both the MAM user scope and the MDM user scope (automatic MDM enrollment) are enabled for all users (or the same groups of users).
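The precedence rule above is easy to misconfigure when both scopes use Some with overlapping groups. The following is an added example, not part of the original post: a small Python audit that models the two scopes and lists the users whose personal devices will not be MDM enrolled automatically. The `Scope` class, function names, group names and directory data are hypothetical and constructed for illustration; nothing here calls Intune.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Scope:
    """One user scope setting (hypothetical model of the admin center choice)."""
    mode: str                        # "None", "Some" or "All"
    groups: frozenset = frozenset()  # group names, only used when mode == "Some"

    def covers(self, user_groups):
        if self.mode == "All":
            return True
        if self.mode == "Some":
            return bool(self.groups & set(user_groups))
        return False                 # "None" or anything unrecognised

def byod_result(mdm, mam, user_groups):
    """Which scope applies to a personal (BYOD) Windows device of this user."""
    in_mdm, in_mam = mdm.covers(user_groups), mam.covers(user_groups)
    if in_mdm and in_mam:
        return "MAM"                 # MAM user scope takes precedence on BYOD
    if in_mdm:
        return "MDM"
    if in_mam:
        return "MAM"
    return "none"

def conflicting_users(mdm, mam, directory):
    """Users covered by the MDM scope whose BYOD devices still end up under MAM."""
    return sorted(user for user, groups in directory.items()
                  if mdm.covers(groups) and byod_result(mdm, mam, groups) == "MAM")

# Constructed sample data: user -> group memberships.
DIRECTORY = {
    "alice": ["grp-staff"],
    "bob": ["grp-staff", "grp-contractors"],
    "carol": [],
}

if __name__ == "__main__":
    mdm_scope = Scope("All")
    mam_scope = Scope("Some", frozenset({"grp-contractors"}))
    for user in conflicting_users(mdm_scope, mam_scope, DIRECTORY):
        print(f"{user}: in both scopes, BYOD device will not auto-enroll into MDM")
```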

The Windows Information Protection without enrollment scenario in Microsoft Intune is no longer supported, and you are not able to create a new policy for that scenario.

If you encounter a warning like this:


Figure: Microsoft Intune admin center – Automatic MDM enrollment

It means that you do not have an active Entra ID Premium subscription in your tenant.

Thant Zin Phyo@Cracky (MCT, MCE, MVP)
