Windows 10: AutoPilot for Existing Devices - MDM Enrollment

Trying to find a way to get devices enrolled with Endpoint Manager without the need for local admin or VPN. Does anyone have suggestions on how to get devices enrolled during this time of remote work? everything i have checked on either requires connection to the local network or local admin.Help is greatly appreciated.What i have done:Setup AutoPilot profileImported test deviceConnected work account through Store AppUnsure if autopilot profile assignment will force devices to enroll or not.I tested the above yesterday and it seemed to work but today when i tried to reverse engineer what i d

:)

 

Enrolling end users in MDM

Hi,



Thank you for posting in Microsoft Community.

I understand that you are trying to enroll users in Intune MDM.

However, for issues related to Microsoft Intune, let me help to point you in the right direction. I would suggest you to post your query in
TechNet Forums where you will find professionals with expertise on Microsoft Intune in
Windows 10 and that would be the appropriate forum.



References:
Troubleshoot device enrollment in Microsoft Intune

MDM enrollment of Windows-based devices

 

Unable to enroll Device into Azure AD using 3rd Party On-Premise MDM

We are in the process of Integrating a third party MDM (on-premise) with Autopilot in AAD portal to enable Windows 10 OOBE. We want to achieve this by leveraging an on-premise Core Enterprise Application server in Azure. We have configured the following so far which is not working as expected. Also Can't find any relevant event logs within "User Device Registration" or "DeviceManagement-Enterprise-Diagnostics-Provider" :

1. The Autopilot Device Profile was created by importing ID into Autpilot.
   
2. Security Group with authorised users incl. MFA enabled Authentication
   
3. Redirect URIs was also configured in MDM App used by Azure AD to join Web App via corresponding client_id which maps one of Azure DRS.
   
4. Terms of Usage URLs plus secret keys was also created. MDM DISCOVERY URL & MDM TERMS OF USE URL are correctly set but havent checked if they are accessible over the Internet
   

NB: All of the above and a host of other requirements was double checked and tested several times. Device is able to enrol when InTune is used as the MDM server (by adding the InTune application to my Azure AD)

A Test Device out of the box was used to run the following test scenarios in Azure with an E5 incl. mdm + security subscription.

During our tests we got the following error:

After some googling i read this could be caused by DNS issues, outbound proxy issues, or a variety of other reasons.

I also read this can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. We might have sent the authentication request to the wrong tenant but checked this with a colleague today and granted all necessary permissions as required. Didnt do the trick

I also read this could simply be due to a general Authentification Failure which still looks very generic to me.

Anyone has any clues on how to troubleshoot these kinds of problems based on the error reported. Tips Will be very much appreciated.

 

Windows 10 Cisco Meraki MDM will not allow me to enrol

Hi

In order to enrol a device onto the Cisco Meraki MDM you must follow the below -

1. Navigate to Settings > Accounts > Access work or school on the desktop Windows device.
2. Click Connect
3. Enter an email address on a domain that does not exist and click - Connect or Continue
4. Then it will prompt for you to enter an MDM server
5. In the Server box, enter URL
6. Enter this Network ID:
7. Click Register
8. The device will automatically synchronize with the Meraki Cloud and appear in the client list

The above usually works fine but today on a w laptop when entering the not existent email address it does not prompt for an MDM URL but infact does the below -