Hello,
I am wondering if anyone has any thoughts about how to go about automatically enrolling workgroup laptops in Intune and Azure AD. The laptops in question are imaged using SCCM and not joined to AD. Also, the PCs are severely locked down, meaning the end users that get these PCs have very little rights to do anything on them other than launch apps via desktop shortcuts that are provided. These laptops are given out to users for some temporary work. After the work is complete, they are returned, wiped and reimaged, and redeployed at a later time. Ultimately I would like to find a way to somehow automate the enrollment (or make it as simple as possible) prior to the users receiving them, but have not found a good way to do it. To further complicate this, I'd like to get away from workgroups and find a way to have the laptops join Azure AD (AAD) to allow the end users to log in with their AD credentials. The end users are remote, so this would allow them to log into the laptops without us having to know their domain password or reset it so we can cache their creds ahead of time. With this in mind, joining to on-prem AD will not work.
I have researched all of the enrollment methods and, while some can work, almost all will require some manual intervention to get them to complete. I thought Autopilot could be the best method to accomplish what I want to do, but the problem is I cannot find a way to automate the process of getting the devices registered with the Autopilot service during imaging. Yes, I can manually run the PowerShell script to retrieve the hardware hash for Autopilot, but there are several hundred laptops that need this. DEM accounts will not work as they register the PC with AAD and do not join. A provisioning package looked promising, but there is a limit to how many devices each package can enroll, and the token that is imported to the package is only valid for a max of 30 days.
If anyone has any thoughts, experiences, or success doing what I am trying to do, please share.
Thanks in advance.