Microsoft Intune: Auto enroll using settings app

Published on: September 24, 2021 | Reading Time: 3 min | Last Modified : September 24, 2021

Enroll using Settings app

Till now, we came through different Intune enrollment types like enroll only in device management option, using company portal. Today, let’s learn about enrollment options using Settings app in windows 10 and windows 11 OS running devices. Using this settings app only we can achieve enrolling a device as personal device (BYOD) or corporate device (COD). If you are not familiar about BYOD and COD, I have explained in separate post. Please refer HERE. Long story short, in Intune console , the device will show up as Corporate (AAD Join + Intune enrollment) and Personal (AAD registration + Intune enrollment).

Prerequisites

For both BYOD and COD, there is common requirements that needs to be configured before user attempts to enroll their device using settings app and the requirement is to configure auto-enrollment in Intune. If you are not aware how to configure, I am adding Microsoft link you can refer to. However, We can set MDM and MAM user scope here as shown below.

Note: When both MDM & MAM enrollment is configured for a user, the MAM enrollment takes precedence for personal devices.

BYOD (Bring Your Own Device)

BYOD method enables user to enroll a personal device into Microsoft Intune by using the Settings app and adding a Work and School account. This action will trigger registering the device in Azure AD and will also automatically enroll the device into Intune.

Steps

Step 1: Start > Settings > Accounts > Work Access or school Step 2: Select Connect

Step 3: New window will open, here user need to enter Azure AD credentials

After sometime, your device will be registered to Azure AD and it will come up to Intune devices as personal device.

COD (Corporate Owned device)

The Azure AD join option in setings enables the user to enroll their device to Intune. The user has to specifically choose join this device to Azure AD. This same behavior can also be achieved during the Out-Of-the-Box-Experience (OOBE) by entering Azure AD credentials under setting the device up for an organization when user first time turn on their brand new device.

Steps

Step 1: Start > Settings > Accounts > Work Access or school Step 2: Select Connect Step 3: Now Select join this device to Azure AD as shown below-

Now, you will get one more window where you need to enter Azure AD credentials. After sometime, your device will be joined to Azure AD and it will come up to Intune devices as corporate device.

References