As you remember from our previous post, we enabled automatic Windows 10 enrollment for all users. This means if a user has a corporate device with Windows 10 operating system installed he can join his device to Azure Active Directory and a Windows 10 device will be automatically enrolled into Intune.
So let me describe one of the user self-enrollment scenarios. I will be joining my Hyper-V VM with Windows 10 Pro 20H2. This computer is not a member of workgroup or any on-premise AD.
Go to Settings first, then click Accounts:
Navigate to Access work or school and select Connect:
If you provide your Office365 email address and click Next, your computer will be registered in Azure Active Directory meaning that Azure AD administrator will manage your user account, but not a computer account. So if you want to get access to corporate data and applications from your personal device you choose the BYOD scenario – Bring Your Own Device.
In our case we want to manage a corporate computer, so we need to join this computer to Azure AD, not register it. Choose Join this device to Azure Active Directory:
Provide your Azure AD account with assigned an Intune license and click Next:
and password then click Sign in:
The account you use for joining the computer to Azure AD will have administrator permissions. Click Join:
The enrollment process is finished:
Restart your computer and then you can login with Azure AD credentials.
Because we enabled automatic enrollment, we can find that this computer in Azure AD was automatically enrolled into Intune, and we can manage it: