Can Intune be installed on a Hybrid Azure AD joined device without automatic MDM enrollment?

Lukas 20 Reputation points
2023-03-15T12:58:20.59+00:00

We are currently testing Intune implementation in our company.
We synchronized some devices and users from on-prem AD to Hybrid Joined for the PoC, but cannot enroll them into Intune.
After some research I found out all if not all options for hybrid joined devices require automatic MDM enrollment, which at the moment is not reachable for us as we don't have an Azure AD Premium subscription.
I can confirm enrollment is working just fine for AAD Windows enrollment, macOS enrollment, even Linux enrollment, but we struggle to enroll even a single hybrid joined Windows device.
My question is, is there a way to enroll a hybrid joined device without the automatic MDM enrollment? If yes, then can you please point us in the right direction?
As this is still the test phase, we may still change our selection of licenses if they are wrong. We currently use:
Intune Plan 1 + Defender for Endpoint Plan 2 licenses assigned to the synchronized users. If this use case requires a different set of licenses, can you please advise on the right ones?

Best Regards


1 answer

  1. Crystal-MSFT 42,306 Reputation points Microsoft Vendor
    2023-03-16T01:19:53.9166667+00:00

    @Lukas, Thanks for posting in Q&A.

    For Hybrid Azure AD joined devices, there are the following methods we can choose to do the enrollment:

    • GPO enrollment
    • Autopilot Hybrid Azure AD join
    • Co-management

    For all these methods, automatic enrollment is a required step to configure, and an Azure AD Premium license is necessary. Here are the links with more details for your reference:

    GPO enrollment:

    https://learn.microsoft.com/en-us/windows/client-management/enroll-a-windows-10-device-automatically-using-group-policy

    Autopilot Hybrid Azure AD join:

    https://learn.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid

    Co-management:

    https://learn.microsoft.com/en-us/mem/configmgr/comanage/tutorial-co-manage-clients

    Here, we suggest you consider an Azure AD Premium license in your plan.

    Hope the above information can help.

