Windows Enrollment restriction and Corporate Device Identifiers
A lot of customers have O365 and their users like to use O365Pro Plus or configure their mail account at home on their personal devices. With that they are asked to add the Account as "Work or School Account", which registers their personal devices automatically in Azure AD. That is ok, but if the customer then buyes EMS licenses and assign them to user, all the devices are enrolled to Intune. Even more worse is, that with that you will no longer be able to target anything to users. Because if you for example would like to deploy Windows 10 Enterprise Keys to the Users, their personal devices are upgraded. Or for example you assign some Apps, which all the users should have on their corporate devices, are then also installed at home.
We really need a way to restrict the enrollment of home computers or to better inform the users what is happening if they are adding a work or school account.
A possibility is also, that we can select on a User Assignment for Policies/Apps/Compliance that it should only work on Corporate or on Personal Devices.