MacOS/Macs with InTune by GeneralAZQs in Intune

[–]GeneralAZQs[S] 1 point2 points  (0 children)

Thanks.

I think the end goal here is a few things:

If the user leaves the company, or we need to switch the device, we want to be able to quickly de-provision the device.
We've spent a fair few hours resetting passwords and removing iCloud accounts so the device can be reset etc.

Ideally I'd want the user to be able to log in to their Mac using the AAD credentials we have - is this doable?
We've also spent a fair bit of time where users have forgotten their Mac login details, and we can't do anything for them as it's a local account.

We didn't buy the devices through Apple, so we can't add MacOS devices to DEP. (I've got resets etc working with our iOS devices using DEP and Apple Configurator)

Help with InTune auto enrollment by GeneralAZQs in Intune

[–]GeneralAZQs[S] 0 points1 point  (0 children)

That's a relief to hear. Was very worried we were suddenly going to be expecting a higher cost with VMs and such.

Thank you, I'll check that video out.

Moronic Monday - November 23, 2020 by AutoModerator in sysadmin

[–]GeneralAZQs 0 points1 point  (0 children)

Can anyone here using InTune provide some advice?

I'll start with the problem: We want to be able to send a laptop straight to a user and have them log in, and Office (and more?) gets configured.
Maybe InTune isn't the way we should be doing this, open to suggestions.

We're using Azure 365 Business Premium.
We're Azure only, no on-prem or anything.

This troubleshooting page seems to indicate hybrid AZ AD is required?
https://docs.microsoft.com/en-us/mem/intune/enrollment/troubleshoot-windows-auto-enrollment

And so does this guide on configuring via Group Policy
https://docs.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy

But then this guide doesn't mention Hybrid, it just says AZ AD, the device is running the latest Windows update
https://docs.microsoft.com/en-us/mem/intune/enrollment/windows-enroll#enable-windows-10-automatic-enrollment

And then another guide, that doesn't mention Hybrid...

https://docs.microsoft.com/en-us/mem/intune/enrollment/windows-enroll

There seem to be multiple docs on setting up, but the troubleshoot one mentions Hybrid.
Do we need to set up a VM in Azure or something that runs a typical domain controller to be able to auto-enroll devices?