question

andreasbright-4989 avatar image
1 Vote"
andreasbright-4989 asked Crystal-MSFT answered

iPhone enrollment

Hi,

First off all, thanks for all the answers I get, there are so many questions that comes up when I am testing, and its not always easy to find a simple answer on the web.


I am enrolling iPhones into Intune and it works great, but I need some explaining regarding the following.

  1. When I download Company portal and login with my email, I am never asked if this is a personal device of company device. It always creates it as personal. I am not able to change it later either from the Endpoint console from Private -> Corporate because the save button is grey. Is this because we do not use either one of these ? Apple's Automated Device Enrollment (ADE), Apple School Manager, Apple Configurator Setup Assistant enrollment or Apple Configurator direct enrollment.

Also one other thing, I see that I can create a Enrollment type profile where I can select between user or device. I tried to create this, and select device and assigned the user group, and rerun the intune enrollment on the iphone, but I did not see any difference ? What should I expect here ?

Thanks for all good support.

/R
Andy



mem-intune-generalmem-intune-enrollment
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

2 Answers

Crystal-MSFT avatar image
2 Votes"
Crystal-MSFT answered andreasbright-4989 commented

@andreasbright-4989, From your description, I notice we choose BYOD enrollment method. We can see all the iOS enrollment methods in the following link:
https://docs.microsoft.com/en-us/mem/intune/enrollment/device-enrollment

Based as I know, Intune will automatically assign coporate-owned devices when we enroll with the following methods:

  • Enrolled with a device enrollment manager account (all platforms)

  • Enrolled with the Apple Device Enrollment Program, Apple School Manager, or Apple Configurator (iOS only)

  • Identified as corporate-owned before enrollment with an international mobile equipment identifier (IMEI) numbers (all platforms with IMEI numbers) or serial number (iOS and Android)

  • Joined to Azure Active Directory with work or school credentials. Devices that are Azure Active Directory registered will be marked as personal.

  • Set as corporate in the device's properties list

https://docs.microsoft.com/en-us/mem/intune/enrollment/corporate-identifiers-add

As we use BYOD method, so our device ownership shows as personal. To change it to corporate, we can go to the properties of the device and change ownership for it. Could you confirm if the grey option is under the same location? if yes, we appreciate a screen shot for this?
58434-image.png
For the enrollment type, if we didn't set an enrollment type profile, device enrollment will be chose as the default. So we get the same result.

Hope it can help.

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



image.png (101.0 KiB)
· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

andreasbright-4989 avatar image andreasbright-4989 ·

Hi,

Hehe, I didn`t scroll down to the bottom...:)
I was not able to switch it to corporate.

But what is actually the difference ?

Is it only so I can deploy different configuration if its a personal or a company device, and from the monitor point of view I can see the complete phone number ?
Is there anything else spesific ?

1 Vote 1 ·
Crystal-MSFT avatar image
2 Votes"
Crystal-MSFT answered

@andreasbright-4989,Thanks for the reply. In General, Enrolled devices have two “modes” in Intune: personal and corporate. personal devices are considered user owned. If a user owns their own device, and wants to access corporate data, then that is a “personal” device and. Corporate devices are considered company owned. These are devices that are owned by the company, and are generally expected to have more access to internal data, but also more restrictions.

Based as I know, there are not too much difference. Personal and corporate devices can be managed the same way If you want to separate, we can create different groups for them and apply different polices. The mainly difference is that Intune will collect a little bit more information about corporate devices. Intune will collect the phone number and app inventory of company owned devices for reporting and monitoring purposes, but will not do this for personal devices. Here is an article for the reference:
https://docs.microsoft.com/en-us/mem/intune/user-help/what-info-can-your-company-see-when-you-enroll-your-device-in-intune

Hope it can help.

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.