This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 46%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAJ%3C/text%3E%3C/svg%3E)
I've configured Intune with a custom configuration profile to enrol MacOS devices into an AD domain. You login with a local account, install Company Portal, the Domain Join profile runs and the device is joined to AD. You can then login to the device with the domain credential.
However, when I open up the Company Portal app on the device as the domain user, it is going through the setup again. It tries to install the MDM profile again, and then fails because it is already installed.
Is there anyway around this?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Aron Johnson , Thanks for posting in our Q&A.
For the re-enroll issue, could you confirm if it starts after we sign in to Company Portal with the same work or school account?
For the macOS device which is join AD manually, will it get the same issue?
Please check the above information and if there's any update, feel free to let us know.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
So what I did was:
I haven't tried a manual join, I'll see if I can find a way to test that and let you know.
@Aron Johnson , Thanks for letting us know the steps. From your description, it seems the enrollment start again after the AD join completed. I have done research both on the Internet and on Intranet. Currently, I didn't find the similar issue yet. Here, I suggest to open case to check on more logs on both device side and background to see if there's any more finding. To open case, you can refer to the steps in the following link:
https://learn.microsoft.com/en-us/mem/get-support
Thanks for the understanding and have a nice day!.
FYI I think I found the source of the problem. When I was initially testing this the device was enrolled using a standard user account. However, if I enrol the device using a DEM and then switch to a domain user, you can login to the Company Portal without any issues. So you need to enrol it as corporate with a DEM to make this work.
@Aron Johnson , Thanks for letting us know the status. I am glad to hear that it is working now. And thanks for your sharing here.
Again thanks for your time and have a nice day!