BYOD - Changing Intune Device Enrollment Limit to 1 for only a few users in Intune while allowing other users to enroll upto 5 devices.
We know by default in the intune tenant we can define “Mobile Device Enrollment Rules” that can allow up to a Maximum of 5 devices per user to be enrolled into intune. So in BYOD scenario the users are able to enroll up to 5 devices into Intune.
So in this BYOD scenario, sometimes we want to allow only certain users or User group to be able to enroll their devices but just 1 device into intune not 5 devices. While other users should be able to enroll up to 5 devices as configured under “Mobile Device Enrollment Rules” in the intune subscription.
Please note we are not talking about “Device enrollment manager account” as we are in BYOD scenario where user should be allowed to enroll their devices.
This seems to be doable in Mobile Iron and Blackberry MDM solution and we are expecting a similar option in Intune. Currently, it seems in Intune we are unable to configure Device enrolment limit per user or user group and it is only available for entire Intune Tenant subscription.
It would be great if it is doable in Intune as well somehow!!
Tyler Klobassa commented
My Azure Intune environment has this functionality to create another Device Limit Restriction and only apply it to a certain group of users: https://docs.microsoft.com/en-us/intune/enrollment-restrictions-set
Fredrik Carenborn commented
My company also want this. We want to increase the security and control how many devices the user can enroll to Intune. By default the device limit should be 1. All users receive a PC, but some users also get a mobile phone and a tablet. Therefor we want to grant these users a limit of 2-3 devices. This way we have full control.
If we could add multiple options for Device Limit by security group we would be so happy with Intune.
I don't get why you need such a feature. Could you please explain the business or technical need?
AFAIK, EMS licensing allow you to enroll 5 devices, so why such an artificial limit? Is it for your "IT dept" own convenience, or it is sth useful on enduser side, or to prevent sth else?
From my point of view, limiting to 1, only makes experience more painful for your users.
The customer is asking is it a possible set VIP group user max limit is 15, and othner user group is set max limit 3 ?
We would also like to be able to limit to corporate owned devices. Allowing us to set individual settings would allow to set 1 as a default for those with a smartphone, but allow us to increase it for those with tablets and additional corporate devices.
Shoaib Khan commented
I agree with Mr. Suhail Abdul Salam please add the option to specify mobile device limits per user and nor per tenant.
This requirement is from a customer who already have purchased and deployed the EMS suite although they were looking for Allow/Block/Quarantine feature like we have in Exchange ActiveSync but ABQ does not work with conditional access.