Edit

Share via

Pre-provision Microsoft Entra join: Set up Windows automatic Intune enrollment

Windows Autopilot for pre-provisioned deployment Microsoft Entra join steps:

  • Step 1: Set up Windows automatic Intune enrollment

For an overview of the Windows Autopilot for pre-provisioned deployment Microsoft Entra join workflow, see Windows Autopilot for pre-provisioned deployment Microsoft Entra join overview

Note

If you have already set up automatic Intune enrollment from another Autopilot scenario, you can skip this step and move on to Step 2: Allow users to join devices to Microsoft Entra ID.

Set up Windows automatic Intune enrollment

In order for Windows Autopilot to work, devices need to be able to enroll in Intune automatically. Enrolling devices in Intune automatically can be configured in the Azure portal:

  1. Sign in to the Azure portal.

  2. Select Microsoft Entra ID.

  3. In the Overview screen, under Manage in the left hand pane, select Mobility (MDM and MAM).

  4. In the Mobility (MDM and MAM) screen, select Microsoft Intune.

  5. In the Configure page that opens, next to MDM user scope, select either All or Some:

    • If All is selected, all users can automatically enroll their devices in Intune.

    • If Some is selected, only users specified in the groups next to Groups can automatically enroll their devices in Intune. To add groups:

      1. Select the link next to Groups.

      2. In the Select groups window that opens, select the desired groups to add.

      3. Once all of the desired groups are selected, select Select to close the Select groups window.

        Note

        The group(s) selected must be a Microsoft Entra group that contains user objects.

  6. In the Configure screen, if any changes were made, select Save.

Next step: Allow users to join devices to Microsoft Entra ID

Step 2: Allow users to join devices to Microsoft Entra ID

More information

For more information on Windows automatic MDM/Intune enrollment, see the following articles: