Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

How can we improve Microsoft Intune

Automatically deploy Intune PC Client for Azure AD joined computers

Not entirely sure if this belongs here, or in Azure AD, however....

From reading the documentation, it appears that the for Windows 10 Enterprise PCs, they can be managed automatically upon joining the Azure AD domain as mobile devices only.

For corporate issued PCs, it would aid SMBs greatly if adding the Intune PC Client can be done automatically upon joining the PC to Azure AD. This would lower IT department's involvement in issuing new devices, so that company administration could just buy (for example) a Surface Pro and hand it to a new employee, along with the Azure AD/Office 365 credentials.

772 votes
Vote
Sign in
(thinking…)
Sign in with: sso facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
Shane Day shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

26 comments

Sign in
(thinking…)
Sign in with: sso facebook google
Signed in as (Sign out)
Submitting...
  • Charles Roller commented  ·   ·  Flag as inappropriate

    I agree with Michael, this should be closed. The intune agent has never been a part of the new experience in the Azure portal and I do not believe there are plans for it to be. The agent should only be used for Win7 devices, and even then those should be migrated to Win10

  • Michael Mardahl commented  ·   ·  Flag as inappropriate

    The new Devicemanagement portal offers all you need now.
    I would say that this request should be closed, as Intune does fulfill this now,

  • Eric commented  ·   ·  Flag as inappropriate

    Finally ready to chew on BYOD but we need a actual easy way to deploy our things which includes intune please fix

  • Craig Debbo commented  ·   ·  Flag as inappropriate

    We use Azure intune. We can't do an intune join unless our PCs are in-joined from their on-prem AD domain. So, we unjoin our local domain, enroll in inTune with a enrollment management account, then re-join our local domain.

    We already have the settings to 'auto' join AAD. Would be nice if there was an extra step where the PC just auto-joined inTune too (while being locally joined to AD)

    Screwy or broken? Anyways, please streamline this whole process. By comparison, iOS devices are enrolled when we order from Apple, and Chromebooks are enrolled immediately after we hit some key combo and log in with a google domain account.

    thanks

  • Mark ter Weele commented  ·   ·  Flag as inappropriate

    We want also automatically deploy Intune Client for computers who joining to Azure AD. Is there already a solution? It's a must have in our organization.

  • Aaron Marks commented  ·   ·  Flag as inappropriate

    Agree with James... we really need all the PC-enrolled functionality from the classic Intune to be rolled over to Azure AD joined devices. It would be great if we got all of this (and more) without the need for an agent.

  • Tim Wootton commented  ·   ·  Flag as inappropriate

    How about intune actually recognising Azure AD connected PC's, or even better if we deploy an Azure AD Virtual machine to do Group Policy management in Azure AAD, allow us to use this (with the full intune agent installed on the pc) to deploy Group Policy settings to Azure AD connected devices. The Intune Windows management capabilities are woefully lacking.

  • James Schwarzmeier commented  ·   ·  Flag as inappropriate

    Or even better...let us manage all Azure AD-joined computers AS computers without the need for a separately installed client.

  • Gabe commented  ·   ·  Flag as inappropriate

    You have all my votes. Wow, this request dates back to August 2015... @Microsoft: Are you actually still developing Intune? We have just started contracting EMS and you are squeezing a **** lot of money for a product that doesn't address such salient cases within more than 18 months...

  • Alan Dooley commented  ·   ·  Flag as inappropriate

    The main reason people want the Intune agent over using MDM is the greater flexibility in running MSI with transforms/msp patches or .Exe. if this was supported via MSN then needing the client would be less relevant.

  • Kellan commented  ·   ·  Flag as inappropriate

    Microsoft should just start including some form of Intune connector pre-installed in Win 10 ENT. If they want to push it as a management option, have it already on PCs and ready to go.

  • Mark commented  ·   ·  Flag as inappropriate

    Better if the client isn't needed, but currently it is. It's bonkers that this is released as anything other than beta.

    This provides some useful insight - https://social.technet.microsoft.com/Forums/en-US/71c182a7-3509-48cd-bfb8-3ac23d8dbf5a/maddening-windows-10-and-intune-problem?forum=microsoftintuneprod#73091780-a12d-4630-b38d-126bfe863c93. (Now over 12 months old at the time of posting this).

  • Jan Ketil Skanke commented  ·   ·  Flag as inappropriate

    The MDM API gives you even more flexibility for management. All the policies, certficate distribution, wifi setup, conditional access and then some is not available if you are using the Intune legacy agent insted of managing Windows 10 through the MDM Channel.
    I suggest you all read up on what you get by doing this, you really dont need the agent.

  • Nima Gharib commented  ·   ·  Flag as inappropriate

    I just tried Peter's link, and you're right "Anonymous". It just deploys the Company Portal through Windows Store.

    Pretty useless not being able to install the full client on a Windows 10 device automatically. Why would anyone ever want to manage a computer as a mobile device. What are the gains.

  • J Crowley commented  ·   ·  Flag as inappropriate

    Peter, this doesn't fix the issue as far as I can see. That's deploying Windows Store apps, not the InTune client?

← Previous 1

Feedback and Knowledge Base