Microsoft Endpoint Manager – Windows 10 Enrollment Methods Overview

In this post we continue our step-by-step series on Microsoft Endpoint Manager and Microsoft Intune.

We’ve covered basic configuration of Intune, user account creation and synchronization so we’re ready to enroll our Windows 10 devices into Intune. We already configured automated MDM enrollment in Intune which means users can enroll their devices and every computer joined to Azure Active Directory (or Azure AD registered for Bring Your Own Device scenario) and it will be automatically enrolled into Intune.

There are a lot of ways to enroll a Windows 10 computer. Let me provide an overview of all of them first.

Device Enrollment Manager is an account with extended permissions allowing bulk enrollment and management up to 1000 corporate-owned devices. This account should be used for enrolling non-personal corporate devices in Intune before giving computers to end users. Intune supports up to 150 Device Enrollment Manager (DEM) accounts.

Co-management scenario enables MECM clients to be managed by both management systems – Configuration Manager and Intune at the same time. During co-management configuration in MECM you can choose which clients you want to enroll into Intune – all, none or specific collection as a pilot group.

Windows Autopilot is a cloud service helping you to pre-provision new devices with a freshly installed operating system. Autopilot enables you, during OOBE, to join a computer in Azure AD, auto-enroll a device into Intune, and apply required configuration policies, settings and applications from Intune.

Hybrid Azure AD join scenario enables on-premise AD joined computers to join Azure AD as well. Then you can manage your corporate devices not only by group policies, but also by Intune configuration profiles.

These methods require a lot of configurations and will be described in the next articles. Let me explain in detail other methods that are simpler.

You can join your computer in Azure AD during the setup process. First, you need to provide your corporate credentials and click Next:

Provide your password and click Next:

Change the privacy settings if needed and click Accept:

Now you can logon with your work account:

By default, if it is not disabled, you will need to configure Windows Hello:

You can configure a PIN or skip it and finish it later.

Go to Windows Settings:

Then go to HomeAccountsAccess work or school:

We successfully joined our Windows 10 into Azure AD. Also, you can open Azure AD console, go to Devices and find our computer enrolled into Intune:

In the next article I will show how to manually enroll a device if the operating system is already installed.



Contact Us

On Key

More Posts

Mastering Azure AD Connect - A Comprehensive Guide by WME
Active Directory

Mastering Azure AD Connect – A Comprehensive Guide

Modern businesses are fast moving toward cloud-based infrastructure. In fact, cloud-based business is not just a trend anymore but a strategic necessity. Microsoft’s Azure Active Directory (Azure AD) has become a frontrunner in this domain. It

Read More »
Security Best Practices in SharePoint
Office 365

Security Best Practices in SharePoint

Microsoft SharePoint is an online collaboration platform that integrates with Microsoft Office. You can use it to store, organize, share, and access information online. SharePoint enables collaboration and content management and ultimately allows your teams to

Read More »
The Ultimate Guide to Microsoft Intune - Article by WME
Active Directory

The Ultimate Guide to Microsoft Intune

The corporate world is evolving fast. And with that, mobile devices are spreading everywhere. As we venture into the year 2024, they have already claimed a substantial 55% share of the total corporate device ecosystem. You

Read More »
Protecting Microsoft 365 from on-Premises Attacks
Cloud Security

How to Protect Microsoft 365 from On-Premises Attacks?

Microsoft 365 is diverse enough to enrich the capabilities of many types of private businesses. It complements users, applications, networks, devices, and whatnot. However, Microsoft 365 cybersecurity is often compromised and there are countless ways that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.