Share via

How to enroll an already existing Windows 11 Multi-session host into Intune?

JohnSebastian-3934 446 Reputation points
2025-07-09T14:39:46.82+00:00

All the documentation that I see for enrolling an Azure Virtual Desktop Windows 11 Multi-session host into Intune shows this done during the VM deployment. Our AVD hosts are Entra ID joined (not Entra ID Domain Services joined) because that is the only configuration capable of supporting Certificate Based Authentication with AVD.

All of our other VMs are joined to our Entra ID Domain Services domain and thus we can use Group Policy to manage them but because AVD requires Entra ID joined VMs to support CBA, I cannot manage them with our Group Policy policies. Microsoft says we need to use Intune.

So here is my situation: I've got some AVD hosts already setup and running correctly. We recently purchased Intune. I need to now enroll these existing AVD hosts that are Entra ID joined but I see no way to do this in the documentation. Everything I have seen documented joins the AVD VM to Intune during VM deployment. Is it possible to join an already existing AVD Windows 11 Multi-Session VM to Intune? I've seen blog posts saying that this is not possible which I find hard to believe. I would think that the first thing engineers at Microsoft would think about when creating a service like Intune is onboarding and offboarding hosts to the service.

Please advise. Thank you.

Microsoft Security | Intune | Enrollment
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Prathista Ilango 345 Reputation points Microsoft Employee
    2025-07-23T09:49:05.73+00:00

    Hello JohnSebastian-3934,

    These can still be enrolled, but not automatically.

    You can try manually enrolling like any other device. There is no native way of enrolling automatically after Entra join (AVD or no AVD). Is there a reason these VMs can't be reprovisioned, considering that should be a simple process with AVD?

    If that is not feasible, try PowerShell scripts to perform the enrollment, though the supported easiest way is to redeploy the VMs.

    Hope that helps!

    If you found the information above helpful, please Click Yes. This will assist others in the community who encounter a similar issue, enabling them to quickly find the solution and benefit from the guidance provided.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.