Posted inMicrosoft Cloud

Enroll Windows 11 devices to Intune

No Comments
Enroll Windows 11 devices to Intune

Enrolling Windows 11 devices into Microsoft Intune allows you to manage and configure the devices remotely. Intune can be used to push security policies, apps, and settings to enrolled devices. There are several methods to enroll Windows 11 devices into Intune, depending on whether the device is personally owned, corporate-owned, or part of Windows Autopilot deployment.

Methods for Enrolling Windows 11 Devices into Intune

Method 1: Automatic Enrollment (Azure AD Join)

Automatic enrollment is typically used when the device is joined to Azure Active Directory (Azure AD). This method is common for corporate-owned devices and allows the device to be automatically enrolled into Intune when it joins Azure AD.

Steps to Enroll Windows 11 via Azure AD Join (Automatic Enrollment):

  1. Join the Device to Azure AD:
    • Go to Settings > Accounts > Access work or school.
    • Click on + Add a work or school account and select Join this device to Azure Active Directory.
    • Enter the Azure AD credentials (work or school account).
    • Follow the prompts to complete the Azure AD join process.
  2. Automatic Enrollment:
    • After joining the device to Azure AD, automatic enrollment into Intune will happen.
    • Ensure that Automatic Enrollment is enabled in the Intune portal. This can be set up in the Azure AD portal under Device settings.

Verify Enrollment:

  • After the device has joined Azure AD, you can verify its enrollment status by going to Settings > Accounts > Access work or school > Work or school account > Info.
  • The device should show as managed by Intune.

Method 2: Windows Autopilot

Windows Autopilot is a cloud-based service that simplifies the process of provisioning and deploying devices into Intune. Autopilot can be used for new devices, or it can reset existing devices for redeployment.

Steps to Enroll Windows 11 via Windows Autopilot:

  1. Prepare Autopilot Profiles in Intune:
    • Go to Microsoft Endpoint Manager admin center: https://endpoint.microsoft.com
    • Under Devices, go to Windows > Windows Autopilot Deployment Program.
    • Configure Autopilot deployment profiles (e.g., setting up user-driven or self-deploying profiles).
  2. Register Devices for Autopilot:
    • Go to Devices > Windows > Windows Autopilot Deployment Program.
    • Add devices by importing the hardware IDs of the devices (typically a CSV file with the device information).
  3. Configure Device for Autopilot:
    • After configuring Autopilot profiles, assign the Autopilot profile to the device in Intune.
  4. Deploy Device with Autopilot:
    • Once the profile is assigned, the device will be automatically enrolled into Intune when it is reset or initially powered on.
    • The user will sign in with their Azure AD credentials during the out-of-box experience (OOBE), and the device will be enrolled in Intune and receive all the configured policies and applications.

Method 3: Manual Enrollment

For devices that are not Azure AD joined, you can manually enroll them into Intune.

Steps to Manually Enroll Windows 11 Devices into Intune:

  1. Open Settings on the Device:
    • Go to Settings > Accounts > Access work or school.
  2. Add Work Account:
    • Click + Add a work or school account and then select Enroll only in device management.
  3. Sign in with Work or School Account:
    • Sign in with your Azure AD or Microsoft 365 work or school account.
    • The device will start the enrollment process, and it will be managed by Intune.
  4. Complete the Enrollment:
    • Follow the prompts to complete the enrollment process. The device will be registered in Intune.
    • The device will now receive Intune policies and apps.

Verify Enrollment:

  • After enrollment, verify that the device is managed by Intune by going to Settings > Accounts > Access work or school > Work or school account > Info.
  • The device should show as managed by Intune.

Method 4: Enrollment via Company Portal App (for Personal Devices)

If users are enrolling personal devices into Intune (BYOD – Bring Your Own Device), they can use the Company Portal app to enroll.

Steps to Enroll via Company Portal:

  1. Install the Company Portal App:
    • Download and install the Company Portal app from the Microsoft Store.
  2. Sign in:
    • Open the Company Portal app and sign in with your work or school account.
  3. Begin Enrollment:
    • Follow the on-screen instructions in the Company Portal app to enroll the device into Intune.
  4. Complete Enrollment:
    • Once the enrollment is complete, the device will receive policies and settings configured by the admin in Intune.

Method 5: Manual Enrollment using MDM (Mobile Device Management) URL

This method is often used for devices that are not automatically enrolled through Azure AD join or Autopilot.

Steps:

  1. Open Settings > Accounts > Access work or school.
  2. Add a Work Account and sign in with the work or school account.
  3. Enroll the Device by going to Settings > Accounts > Access work or school > Info and ensuring the device is enrolled.

Conclusion:

There are multiple methods to enroll Windows 11 devices into Microsoft Intune, depending on the device’s ownership and configuration. The most common methods include:

  • Automatic Enrollment via Azure AD join.
  • Windows Autopilot for streamlined provisioning and deployment.
  • Manual enrollment or Company Portal for personal devices.

Each method has its advantages based on your environment and needs. Ensure you choose the one that best fits your organization’s workflow.

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *