This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 68%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVT%3C/text%3E%3C/svg%3E)
Hi Forum
I've been searching in different fodums and seem to find a different answer on to what is the prompt "Allow my organization to manage my device" in windows 10. From my understanding is to manage the devices and deploy applications/policies. We use other methods like sccm to deploy apps and policies via GPO.
Is there any harm in blocking this prompt?
Just curious does your organization allow this prompt?
I applied the registry below and so far all my office outlook 2016,excel, word are working fine.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin
DWORD: BlockAADWorkplaceJoin
Value: 1
Link allow-my-organization-to-manage-my-device-what-it-means
There prompt allows the device to get enrolled into Intune which Microsoft cloud service for device management. There is no harm in blocking the prompt. However, if you are managing devices using SCCM then consider enrolling your devices in Co-management.
Thank RahulJindal for the valuable input.
@Anonymous Have all the concerns been addressed? Is there any other assistance that we can provide?
If the reply is helpful, please accept this answer. It will help someone else who has the similar confusion easily find it.
Hi
What is the proper way to disable the prompt. "Allow my organization to manage my device" in windows 10.
Is it in thru? Azure AD connect sync, Azure Active Directory admin center or registry?
With the highlighted setting, users will not be able to join the device to AAD. It doesn't stop them from registering. Why not register for the user and get the devices in hybrid state? Extending your ConfigMgr environment to cloud has a lot of value.
@Anonymous - Your right, there is probably a lot of value in ConfigMGR that I haven't discovered. I already have the users & computers syncing with AAD connect. Maybe in the future there will be an opportunity to registry the devices as Azure AD joined. That's got to be an easier way, then a prompt. Perhaps thru AAD connect to Group Policy Management. Why do you say it doesn't stop them from registering? If I turn off 'users may join devices to Azure AD'.
Because it doesn't. To stop them from registering, you need to select the 2nd option 'Users may register their devices with Azure AD' to None. However, this will be greyed out if you have enrollment with Microsoft Intune or mobile device management for Microsoft 365 configured.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 75%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Same issue here now, Intune used for corporate devices - cannot select 2nd option to None as Intune is used.
but want to prevent personal BYOD devices to register - how?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 74%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEC%3C/text%3E%3C/svg%3E)
You may resolve it in MEM, under Devices > Enroll Devices > Enroll devices | Enrollment device platform restrictions > Windows Restrictions.
