AzureAD Joined assign MDM management

andreas bright 561 Reputation points
2021-01-19T12:59:19.147+00:00

Hi,

We have existing machines registered in AzureAD as AzureAD joined, and we have MDM = None.
We have now enabled Intune, and configured MDM so new devices will automatically get MDM = Intune.

What is the recommended way to have the existing devices enrolled in Intune without doing a reset of the machine.
Do we have the users download the company portal from Microsoft Store and follow the steps ?

Thanks for reply

/Andy

Microsoft Intune Enrollment
Microsoft Intune Enrollment
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Enrollment: The process of requesting, receiving, and installing a certificate.
1,254 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,365 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jason Sandys 31,161 Reputation points Microsoft Employee
    2021-01-20T02:50:20.697+00:00

    There is no direct method to do this automatically.

    User initiated enrollment methods are listed at https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-enrollment-methods#user-self-enrollment-in-intune.

    Technically, you could also use a local group policy, but that's a catch-22 as there's no easy way to configure the local group policy if the systems aren't already managed.

    1 person found this answer helpful.
    0 comments
  2. Lu Dai-MSFT 28,351 Reputation points
    2021-01-20T03:07:47.14+00:00

    @andreas bright Thanks for posting in our Q&A.

    For this issue, "MDM = None" means these devices are not enrolled in intune. We suggest to try to enter Azure AD account in settings > accounts > Access work or school. Then check if the MDM = intune.
    58477-image.png

    For the company portal, I just can give some information. We can download the company portal from Microsoft store store free and sign in the app with work account. We can see the video in the following link as a reference.
    https://learn.microsoft.com/en-us/mem/intune/user-help/enroll-windows-10-device

    Hope it can help.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments
  3. Jason Sandys 31,161 Reputation points Microsoft Employee
    2021-01-20T18:40:13.49+00:00

    wouldn't this cause the machines to then automatically join Intune ?

    No. The auto enrollment flow is only triggered at the time a system joins AAD.

    1 person found this answer helpful.
    0 comments
  4. andreas bright 561 Reputation points
    2021-01-20T09:14:48.75+00:00

    Hi,

    Thanks for reply @Jason Sandys @Lu Dai-MSFT

    One other thing then, the users have today license = Microsoft 365 Business Standard, and we will change this to Microsoft 365 Business Premium. And since we have configured Automatic Enrollment as you can see from the image, wouldn't this cause the machines to then automatically join Intune ?
    58468-1.jpg