Provisioning Devices in Microsoft Intune (Endpoint Manager)

Thank you, Andy. In my previous role, there were issues with using personal devices to join the corporate network. An authorization was being asked.

silvanabongiorno

Hi Andy, I just watched this video for a second time, and I got much more out of it. Again, thanks for an excellent explanation of these key concepts, that can be, as your student experienced confusing, but you have done a great job redressing in this video!

joshuaeuceda

Andy, Nice job, it clarified a lot of ambuguity, I had around these 3 concepts. I subscribed and look forward to more content from your channel. Thank you!

joshuaeuceda

HEY Andy,

We Have a Hybrid AD environment including On-prem And Entra AD(which we recently added).

The project's scope is to deploy new laptops for the users in the org with 3 goals.
1. We want to Implement Intune only to new devices with respective users without having to do anything to current devices which are currently On-prem AD joined.
2. We will eventually switch from Hybrid AD to Azure AD only. (Long-term goal- It might take months to take place).

Questions according to the scenario explained above:
1. What is the Best possible way to implement Intune (Hybrid or Just Intune)?
2. Once we configure the devices as Entra hybrid joined devices can we switch them to Entra Registered/Joined devices? TBH I have yet to figure out the difference between Entra Joined and Entra registered devices.

opensourcepandit

Excellent Andi. You are such a great trainer.

sanghamithra

Awesome video, even for review! Thanks again!

zoiwozc

I'm not sure what went wrong on your end. I have all my AD computers hybrid joined and I manage them all in Intune. Also in the case of directly Azure AD joined device, you're not showing how to enrol it. Instead you're starting with an already enrolled device. Slightly off the subject. I was hoping to see some magic way to enrol a device already joined to Azure AD without user interaction. But I guess nothing hanged in this aspect. Good video though. Helpful for some

I just noticed this video is 1 year old. But my commend is still valid as I've had my PCs hybrid joined for nearly 3 years

Update: you're missing the GPO setting to enrol Hybrid joined devices in MDM. That's why your your 'manage' option is greyed out and devices not in Intune.

zarodkiewicz

Your tutorials are very clear and easy to follow.

Thank you so much, I really appreciate all your videos!

dvizcarra

Hi Andy. First off, love your tutorials (especially on Microsoft Azure and Intune) and learning a lot from your videos. Question for you. when repurposing a corporate device, what is your preferred method when wiping an Intuned device? For example, when a person leaves a company and the computer needs to be re-imaged so it can be given it to another user such as a new hire. I use Fresh Start but when I look in my Secure Score in Microsoft Defender for regressions on exposed devices, I see the old device name reporting. When I investigate further into that device using the Device ID it actually shows the new device name that was given to another user. It might just be an endpoint device reporting issue. Thank you for your time and help.

noahdelarosa

Thank you so much for the wonderful video, I love the way you explain. Could you kindly give an example where on perm AD make sense?

khanmali

Hi Andy, is there a way to change a AAD registered device to AAD joined or Hybrid? As I can't add them to my company's Defender for Endpoint as needs to be joined or Hybrid.

darraghmartin

This was a great idea for a discussion thankyou.

bingomutant

Hi Andy great video. i have a few questions and hopefully u can help me clear my doubts. Thanks in advance :)

1. If hybrid AD joined devices are not enrolled in intune, how can i manage those devices
2. For personal windows devices when user sign in to any office apps does it enrolled to intune so that can be managed
3. Is there a way to block users from using personal windows devices becos we dont want them sign in with their company email and accessing email or one drive etc

bloodstallion

Thanks for your videos, Andy! Can you show how this applies to iOS devices and the differences that administrators should know?

susieheath

Thanks Andy for this great tutorial! Just a quick question though, does Hybrid Azure AD, Azure AD Join and Azure AD registered devices require Intune license assigned to the user to join their devices?

ericsonramos

Hi Andy, Thank you for the Video, I have learn a lot. Just quick question on the licensing; I am on a Microsoft 365 business standard right now, what plan should i upgrade to to explore this features Microsoft 365 Business Premium 1, or should i add Intune as stand alone to my currently subscription?🙏

godfreymwingira

Great video Andy. Thank you sir. Question: If I want to switch a hybrid joined machine to a full Azure AD joined so I can fully manage in intune, how is this done?

chrisramlow

Andy, thanks so much. You explained everything to the bone.

When i do Azure AD Joined, it prompts me to login on the computer login screen with my corporate email and password. Is there a way to login with just a username and password rather than with my corporate email?

josephngwatezeh

Thank you for the video(s)! Question on the Azure AD joined device, in properties of the system the device shows to be in WORKGROUP. Did I miss an enrollment step or will Azure AD joined devices never show to be joined to the domain like on prem devices do? Thank you in advance for answering, keep those videos coming as they are highly appreciated!

mverhaar

When 'Hybrid Azure AD' is selected, is co-management (Intune & SCCM) the only choice to use Intune ? or Can we choose 'Intune alone' ?

sericaxyz