@Veera Ragavan, Thanks for posting in Q&A. Based as I know, device certificate type in SCEP certificate profile can only support Format options for the Subject name format include the following variables for Microsoft Entra ID joined devices:
{{AAD_Device_ID}} or {{AzureADDeviceId}} - Either variable can be used to identify a device by its Microsoft Entra ID.
{{DeviceId}} - The Intune device ID
{{Device_Serial}}
{{Device_IMEI}}
{{SerialNumber}}
{{IMEINumber}}
{{WiFiMacAddress}}
{{IMEI}}
{{DeviceName}}
{{MEID}}
https://learn.microsoft.com/en-us/mem/intune/protect/certificates-profile-scep
If NPS support to authenticate the device with one of the above. It can work for the shared devices joined into Microsoft Entra. If not, then I afraid it is not support on such devices.
Thanks for your understanding.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.