Enroll HoloLens in MDM
You can manage multiple Microsoft HoloLens devices simultaneously using solutions like Microsoft Intune. You'll be able to manage settings, select apps to install and set security configurations tailored to your organization's need. See Manage devices running Windows Holographic with Microsoft Intune, the configuration service providers (CSPs) that are supported in Windows Holographic, and the policies supported by Windows Holographic for Business.
Note
Mobile device management (MDM), including the VPN, Bitlocker, and kiosk mode features, is only available when you upgrade to Windows Holographic for Business.
Requirements
Your organization will need to have Mobile Device Management (MDM) set up in order to manage HoloLens devices. Your MDM provider can be Microsoft Intune or a 3rd party provider that uses Microsoft MDM APIs.
Enrollment per scenario
Depending on what stage you are in your deployment we have the following recommendations:
- For multi-user shared devices being deployed in production it is suggested you use Autopilot.
- For multi-user shared devices that are being initially part of a pilot program, Microsoft Entra join during OOBE should be sufficient.
- For a proof of concept joining a device via the Settings menu may suit your needs if you don't need multiple users per device.
Different ways to enroll
Depending on the type of identity chosen either during OOBE or post sign-in, there are different methods of enrollment.
Note
If your tenant is in a GCC High enviorment you will be unable to select "sign in from another device". You'll need to manually enter your user credentials.
For Multi-User Shared Devices
- If Identity is Microsoft Entra ID and device has been pre-registered with Intune MDM server with specific configuration profile assigned to it, then Microsoft Entra join and automatic MDM enrollment will occur during OOBE.
- Also called Autopilot flow Available in 19041.1103+ builds.
- If Identity is Microsoft Entra ID, the during OOBE device can enroll.
- For Microsoft Entra ID, automatic MDM enrollment only occurs if Microsoft Entra ID has been configured with enrollment URLs.
For Single User Devices
- If Identity is Microsoft Entra ID, then either during OOBE or Settings App -> Access Work or School -> Connect button.
- For Microsoft Entra ID, automatic MDM enrollment only occurs if Microsoft Entra ID has been configured with enrollment URLs.
- If Identity is MSA, then using Settings App -> Access Work or School -> Connect button.
- Also called Add Work Account (AWA) flow.
- If Identity is Local User, then using Settings App -> Access Work or School -> Enroll only in device management link.
- Also called pure MDM enrollment flow.
Once the device is enrolled with your MDM server, the Settings app will now reflect that the device is enrolled in device management.
Auto-enrollment in MDM
If your organization has an Azure Premium subscription, is using Microsoft Entra ID and an MDM solution that accepts a Microsoft Entra token for authentication (currently, only supported in Microsoft Intune and AirWatch), your IT admin can configure Microsoft Entra ID to automatically allow MDM enrollment after the user signs in with their Microsoft Entra account. Learn how to configure Microsoft Entra enrollment and Microsoft Entra integration with MDM for detailed background information.
When auto-enrollment is enabled, no extra manual enrollment is needed. When the user signs in with a Microsoft Entra account, the device is enrolled in MDM after completing the first-run experience.
When a device is Microsoft Entra joined it may affect who considered the device owner.
Unenroll HoloLens from Intune
Depending on the enrollment method, unenrolling your device may not be available.
If your device was enrolled with a Microsoft Entra account or Autopilot, it can’t be unenrolled from Intune. If you wish to unjoin HoloLens from Microsoft Entra or rejoin it to a different to Microsoft Entra tenant, you must reset/reflash the device.
If your device was enrolled from an MSA account that added a work account or from a Local account that enrolled only in device management, then you may unenroll the device. Open the Start menu and then select Settings App -> Access Work or School -> YourAccount -> Disconnect button.
Enrollment troubleshooting
Ensure device is successfully connected to Internet before attempting enrollment post OOBE
Once user has signed-in, ensure internet connection by browsing to any internet facing website on device.
Ensure that Microsoft Entra join is not disabled in your Microsoft Entra tenant
Refer to Configure your device settings for information about the available options in Azure portal.
Ensure valid license is assigned to the user
Refer to Troubleshoot Windows device enrollment problems in Microsoft Intune specifically following sections, that is, Check device type restrictions and Assign a valid license to the user.
Ensure that MDM enrollment isn't blocked for Windows devices
In order for enrollment to succeed you'll need to make sure that your HoloLens devices can enroll. Since HoloLens is considered a Windows device, there will need to be no enrollment restrictions that could block your deployment. Review this list of restrictions and ensure you'll be able to enroll your devices.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for