Enrolling Devices into Microsoft's Intune admin center
🆘 How to Automatically Enroll Hybrid-Joined PCs into Intune Admin Center (Without Using Company Portal)
Hi everyone,
I'm preparing for a large-scale PC Replacement Project and need help streamlining the Intune enrollment process for newly joined devices.
🧩 My Environment:
- On-premises Active Directory
- Microsoft Entra ID (Hybrid Azure AD Join via AD Connect)
- Microsoft Intune (Endpoint Manager)
✅ What Works:
I can successfully enroll devices into Intune using:
- The Company Portal app
- Or Settings > Accounts > Access work or school > Enroll only in device management
However, these methods are manual and limited:
- There's a device enrollment cap per user (15 for Intune, 20 for Entra ID)
- I have over 100 PCs to upgrade and replace
- I need a scalable, automated process that doesn’t rely on user-driven enrollment
❌ What I've Tried:
I attempted to configure Group Policy Objects (GPOs) on my domain controller to trigger automatic enrollment for Hybrid Azure AD joined devices. I followed guidance to:
- Place a PowerShell script in SYSVOL to invoke ms-device-enrollment:?mode=mdmenroll
- Link the GPO to the correct OUs
- Enable Hybrid MDM Auto-Enroll via: Computer Configuration → Administrative Templates → Windows Components → MDM → Enable automatic MDM enrollment using default Azure AD credentials → Enabled (Device Credentials)
Despite this, devices show:
dsregcmd /status
PolicyEnabled : NO
PreReqResult : WillNotProvision
❓ What I Need:
- A reliable, automated method to enroll newly joined Hybrid Azure AD devices into Intune
- A solution that works at scale (100+ devices)
- Ideally, something that can be triggered via GPO, script, or provisioning package—without requiring user interaction
🙏 Request:
Can someone walk me through a proven method to:
- Automatically enroll Hybrid Azure AD joined devices into Intune
- Avoid hitting the per-user device limit
- Ensure devices appear in the Intune Admin Center as Managed by Microsoft Intune
Any help, scripts, or best practices would be greatly appreciated!
Thanks in advance,
Derrick J
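A triage helper for the `dsregcmd /status` output quoted in the post, added here as an example and not part of the original post. The function names are hypothetical, the sample output is constructed, and the `AzureAdJoined`, `DomainJoined` and `MdmUrl` field names are taken from `dsregcmd /status` output rather than from the post.

```powershell
# Added example: summarize the join and MDM fields of `dsregcmd /status` output.
function ConvertFrom-DsRegStatus {
    param([string[]]$Lines)
    $fields = @{}
    foreach ($line in $Lines) {
        # Keep "Name : Value" lines; section banners and blank lines do not match.
        if ($line -match '^\s*([A-Za-z][A-Za-z0-9]*)\s+:\s*(.*?)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }
    return $fields
}

function Get-EnrollmentReadiness {
    param([hashtable]$Status)
    # Hybrid join means both join flags report YES.
    $expected = [ordered]@{ AzureAdJoined = 'YES'; DomainJoined = 'YES' }
    foreach ($name in $expected.Keys) {
        [pscustomobject]@{
            Field = $name
            Value = $Status[$name]
            Ok    = ($Status[$name] -eq $expected[$name])
        }
    }
    # An empty MdmUrl means the output reported no MDM enrollment URL for the tenant.
    [pscustomobject]@{
        Field = 'MdmUrl'; Value = $Status['MdmUrl']
        Ok    = -not [string]::IsNullOrWhiteSpace($Status['MdmUrl'])
    }
    # Fields quoted in the post: reported as-is, no pass/fail judgement applied.
    foreach ($name in 'PolicyEnabled', 'PreReqResult') {
        [pscustomobject]@{ Field = $name; Value = $Status[$name]; Ok = $null }
    }
}

# Constructed sample output (not captured from a real device).
$sample = @'
AzureAdJoined : YES
DomainJoined : YES
MdmUrl :
PolicyEnabled : NO
PreReqResult : WillNotProvision
'@ -split '\r?\n'

# On a real device, replace $sample with the live output: (dsregcmd /status)
Get-EnrollmentReadiness -Status (ConvertFrom-DsRegStatus -Lines $sample) | Format-Table -AutoSize
```

Collecting this table from each replacement PC shows which prerequisite differs between machines before anyone retries enrollment by hand.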