There are different methods available to enroll Windows 11 devices in Microsoft Intune. These methods include GPO, Windows Autopilot, Windows Provisioning package, Co-Management, Manual Enrollment, etc. The Intune enrollment method can be user-driven or administrator-driven.
Note: The Azure Active Directory is now Microsoft Entra ID.
One such Intune device enrollment method is the Azure AD join method. This Intune enrollment method enables a user to enroll a corporate-owned device into Microsoft Intune by using the settings panel and adding a Work or School account. Once the device joins Azure AD (Now Entra ID), you need to log in to the device using your corporate Azure Active Directory account.
How to Configure Automatic Enrollment
Automatic enrollment lets user enroll their Windows devices in Microsoft Intune The Auto Enrollment must be enabled to automatically enroll the device to Intune as soon as it’s joined to Entra ID (Formerly Azure AD). Check out Configure Azure Active Directory Automatic Enrollment to understand how to configure Automatic Enrollment in Azure AD.
How to Join Windows 11 Device to Azure Active Directory
Follow the steps to enroll a Windows 11 device to Intune using the Azure AD Join enrollment method.
- On a Windows 11 device, go to Windows 11 Settings > Accounts. The account you are using should have local administrator rights.
Scroll down and click on Access work or School option.
On the Access work or school page, click on Connect
On the Set up a work or school account page, click on Join this device to Azure ActiveDirectory
On the Sign-in page, enter your Azure AD account and click on Next. The AAD account should have permission to enroll the device to Intune.
Enter the password in the next screen and click on Sign in
If Multi-Factor Authentication (MFA) is enabled then you will get a prompt for authentication.
On the “Make sure this is your organization” page, Review the organization and click on Join.
The device is now joined to Azure Active Directory. Since we have already configured Automatic Enrollment configuration for Microsoft Intune in Azure AD, the device automatically enrolled to Microsoft Intune.
Click on the Done.
You now need to log on with your Azure AD account. You can either reboot the device or just Sign out and log on with your Azure AD account.
Click on the Start Menu and select Sign-out
Log on with your Azure AD account. You will see the Setting up for work or school account ( Enrollment Status Page). This will take some time depending on the number of policies and applications assigned to the device/user in Microsoft Intune.
You can now see the device record in Azure AD and the device enrolled in Microsoft Intune. You can validate the same from the Azure Active Directory console or Microsoft Intune Admin Center.
Related Posts
- SCCM Dynamic Collection for Windows 10 / 11 Devices
- SCCM SQL Query for Windows 10 / 11 Version Summary
- Configure Windows 10 / 11 Device as Kiosk | Microsoft Intune
- Windows 10 / 11 Operating System Build Versions
- Windows 11 enrollment failed with error 0x800700b7
- Enroll Windows 11 Device to Intune through Azure AD Join method | Corporate Devices
- Invalid_Client error when joining Windows 10 device to Azure AD tenant
- Join Windows 10 Device to Azure Active Directory
- How to Obtain Hardware Hash for Manually Registering Devices with Windows Autopilot
- Bulk enrollment of Windows 10/ 11 Devices to Intune
- Microsoft Intune – Windows 10 MDM- Basic troubleshooting
- That account info didn’t work – error when disconnecting Windows 10 / 11 Work or School account
- MDM Enroll: Device Credential, Failed (Unknown Win32 Error code : 0xcaa9001f
Subscribe to Techuisitive Newsletter
Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.