Support multiple user contexts with Device Compliance
We have multiple deployments where devices have been enrolled with a Device Enrolment Manager account and then issued to users.
Using a DEM account has allowed us to manage the enrolment of devices and configure any steps not yet supported by Intune before issuing to users. This isn't something that would be appropriate to change with AutoPilot.
These same deployments are relying on the ability to use the devices Compliance state as telemetry within a Conditional Access policy. Unfortunately we have seen mixed results where devices do not consistently report as compliant nor do they consistently report the reason for their non compliance.
Through working with support I have been provided with this article where it is stated this is an unsupported scenario -
We need this added as a supported scenario.
It's not appropriate for everyone to use AutoPilot or to rely on user led enrolment or to issue one device to a user or for devices to not be ever shared without needing re-enrolment.
This is proving a major blocker to adoption of Intune and Conditional Access.
If you need anymore information or scenarios at all please let me know.
Mike M commented
We're unable to continue with Windows 10 deployment because there is no viable solution to Shared computers. Kiosk mode is very niche and is not a shared computer experience.
This is a must have, very few organisations have only personal devices. Shared devices are common and should be supported