Windows 10: Azure AD Join with Intune Enrollment
Hello again! I recently posted about a few cool, and not so cool features of Windows 10 Azure AD Join. One of the cools was the ability to automatically enroll a device in Intune upon joining Azure AD. At the time of that post this feature was not yet available. As you might have guessed by this post, this functionality now works! This includes standalone Intune as well as System Center Configuration Manager 2012 integrated Intune (Unified Device Management).
A great feature of automatic Intune enrollment is the ability to restrict enrollment to a Group of users. This can be a Cloud based Group, or an on prem Active Directory Group, sync’ed to Azure AD.
Let’s take a look and see how it works!
First and foremost, you must have an Intune subscription using the same tenant as your Azure Active Directory that you plan on joining is using. 🙂
Login to your Azure portal (manage.windowsazure.com) and select your Active Directory. Click the Applications link, and then click Microsoft Intune.
Click Configure, then near the bottom, slide the “Apply to” over to Groups. Click “Select Groups” and choose the group you want to limit enrollment to.
Now let’s take a look at enrolling a Windows 10 (Enterprise or Pro) device into Azure AD with my account who is a member of the group we specified above. Note that you can also join Azure AD during the OOBE of a new Windows 10 computer. This post shows joining after OOBE and being logged in as a local administrator. The OOBE process is very similar.
Navigate to Settings > System > About, and select Join Azure AD.
If you are sure you want to join at this point click Join 🙂
TIP: If you are greeted with “Something went wrong” message with error code 8019000a, ensure you do not have an SCCM Client installed as this is a hard stop for Azure AD join. If you do, uninstall it and Try again.
Now lets take a look at SCCM to see our newly Intune enrolled Windows 10 computer.
As you can see, this is a very straight forward and painless process. I encourage you to start testing today and see how Azure AD Join and Microsoft Intune could be a part of your company’s future!