All computers should be joined to Entra ID, and managed by Intune.
- Entra registered is not supported.
- Intune auto-enrolled should be set, no extra action is needed for MDM enrollment.
- Any third-party Antivirus should be removed before enrolling!
To enroll a device through Windows Settings, the device user first adds their Entra account:
- On the device, go to Start >
Settings, then in the Settings window click Accounts > Access work and school. - Click + Connect. A dialog for setting up a work or school account opens.
- Authenticate with the Entra account:
- Enter the account name:
- For a joined device, click Join this device to Microsoft Entra ID. In the Microsoft account dialog, enter the Entra account name, then click Next.
- If the account is recognized, both the password prompt and the Knox Manage branding shows in the dialog. Enter the account password and click Sign in.
- Confirm both the Microsoft Entra domain and the username is correct.
- If the provisioning succeeds, the dialog reads The device is connected to Intune.
Click Done. The Entra account is added to the device.
- Sign out from your local user account, and sign back in with your Microsoft 365 account.
- Your device is now enrolled and managed. It is required to be compliant before you can access company resources.
Please refer to this blog should you run into errors while joining the device: FIX FOR: Entra ID join error code 8018000a – This device is already enrolled – Prof-IT
