Enabling MDM Automatic Enrollment with PowerShell

Swahela Mulla 95 Reputation points
2023-07-21T09:21:40.3733333+00:00

Hello Everyone,

I am facing a challenge regarding MDM (Mobile Device Management) automatic enrollment, and I am hoping to find some guidance here.

I have been researching how to enable MDM automatic enrollment using PowerShell, but so far, I haven't come across a clear solution with PowerShell commands or APIs. I am specifically looking for assistance with Microsoft Intune.

Could anyone here with experience in Intune and PowerShell guide me on how to achieve MDM automatic enrollment using PowerShell? I have already installed the Microsoft Intune PowerShell module, but I'm unsure about the further steps and how to automate this programmatically.

Any insights, sample scripts, or step-by-step instructions would be highly appreciated.

Thank you in advance!


1 answer

  1. Limitless Technology 44,746 Reputation points
    2023-07-21T14:27:57.7566667+00:00

    Hello there,

    MDM (Mobile Device Management) automatic enrollment allows organizations to automatically enroll Windows devices into their MDM solution, such as Microsoft Intune, when a user signs in to the device with their Azure AD (Azure Active Directory) account. This streamlines the device enrollment process for organizations managing large numbers of devices.

    To enable MDM automatic enrollment using PowerShell, you'll need to use the "Set-MDMEnrollmentAutoDiscovery" cmdlet. Here's a step-by-step guide on how to do it:

    Open Windows PowerShell with administrative privileges. You can do this by right-clicking on the Start button and selecting "Windows PowerShell (Admin)" from the context menu.

    Check if the device is already configured for automatic MDM enrollment. Run the following command:

    Get-MDMEnrollmentAutoDiscovery

    If the "AutoEnrollmentMDM" property is set to "False," it means automatic MDM enrollment is not enabled.

    To enable automatic MDM enrollment, use the "Set-MDMEnrollmentAutoDiscovery" cmdlet. Replace "YourTenantID" with your Azure AD tenant ID, which you can find in the Azure portal.

    Set-MDMEnrollmentAutoDiscovery -CloudDomainJoinAadTenantId "YourTenantID"

    Restart the device to apply the changes.

    After completing these steps, when a user signs in to a Windows device with their Azure AD account, the device will automatically be enrolled into the specified MDM solution (e.g., Microsoft Intune) based on the tenant ID provided.

    I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

    Hope this resolves your query!

    --If the reply is helpful, please upvote and accept it as an answer--
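
For the "check whether the device is already configured" step, the built-in `dsregcmd /status` command reports the device's Azure AD join state and the MDM enrollment URL the tenant handed to the device. The following is an added example, not part of the answer above and not Microsoft's code: the function name `Get-MdmEnrollmentReadiness` is hypothetical, the sample output is constructed, and reading an empty `MdmUrl` as "user not in the tenant's MDM user scope" is an assumption to confirm in the tenant's enrollment settings.

```powershell
# Added example: summarise the join and MDM fields from `dsregcmd /status` text.
function Get-MdmEnrollmentReadiness {
    param([string[]]$StatusLines)

    # dsregcmd prints "Name : Value" pairs; collect them into a lookup table.
    # Banner lines ("+-----+", "| Device State |") do not match and are skipped.
    $fields = @{}
    foreach ($line in $StatusLines) {
        if ($line -match '^\s*(\w+)\s*:\s*(.*?)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }

    $joined = $fields['AzureAdJoined'] -eq 'YES'
    $mdmUrl = $fields['MdmUrl']

    $finding = if (-not $joined) {
        'Device is not Azure AD joined; automatic MDM enrollment cannot start.'
    } elseif ([string]::IsNullOrWhiteSpace($mdmUrl)) {
        # Assumption: the tenant returned no MDM URL for this user.
        'Joined, but no MdmUrl was issued; check the MDM user scope in the tenant.'
    } else {
        'Joined and an MdmUrl is present; the device can auto-enroll.'
    }

    [pscustomobject]@{
        AzureAdJoined = $joined
        TenantId      = $fields['TenantId']
        MdmUrl        = $mdmUrl
        Finding       = $finding
    }
}

# Constructed sample of `dsregcmd /status` output (placeholder tenant ID).
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+
             AzureAdJoined : YES
              DomainJoined : NO
+----------------------------------------------------------------------+
| Tenant Details                                                       |
+----------------------------------------------------------------------+
                  TenantId : 00000000-0000-0000-0000-000000000000
                    MdmUrl :
'@ -split "`r?`n"

Get-MdmEnrollmentReadiness -StatusLines $sample
```

On a managed device, pass the live output instead: `Get-MdmEnrollmentReadiness -StatusLines (dsregcmd /status)`.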

