Intune lets you manage your company or personal devices and apps and how they access your company data. To use Intune's mobile device management (MDM), devices must first be enrolled in the Intune service. When a device is enrolled, it’s issued an MDM certificate. This certificate is used to communicate with the Intune service.
| # | Decision | Justification |
|---|---|---|
| DD01 | The Automatic enrollment will be set to the default MDM URLs | To enroll devices in Intune, the default Terms of use, MDM discovery and MDM compliance URLs must be published. |
|  | The MDM user scope will be set to All | The MDM autoenrollment will be set to allow all devices or users. |
By default, devices for all platforms are allowed to enroll in Intune. However, you can restrict devices by platform and set a maximum number of devices a user can enroll.
| # | Decision | Justification |
|---|---|---|
|  | The Windows MDM corporate enrollment restrictions will be allowed. Personally owned devices will be blocked from enrolling. | Corporate Windows enrollment will be allowed to use Windows Autopilot to enroll a device. Personally owned devices will be blocked from enrolling in Intune. |
|  | The number of devices a user can enroll will be set to a maximum. | A maximum will limit the number of devices a user can enroll. |
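The enrollment restriction decisions above can be checked against what is actually configured in the tenant. The following is an added example, not part of the original design document: it audits a JSON export of the Microsoft Graph `deviceManagement/deviceEnrollmentConfigurations` collection. The sample data is constructed, and the maximum of 5 devices is an assumption, because the design does not state the value.

```python
import json

# Graph resource types for the all-platform restriction and the device limit.
PLATFORM = "#microsoft.graph.deviceEnrollmentPlatformRestrictionsConfiguration"
LIMIT = "#microsoft.graph.deviceEnrollmentLimitConfiguration"

# Constructed sample shaped like a deviceEnrollmentConfigurations response.
SAMPLE = json.loads("""
{"value": [
  {"@odata.type": "#microsoft.graph.deviceEnrollmentPlatformRestrictionsConfiguration",
   "displayName": "All users",
   "windowsRestriction": {"platformBlocked": false,
                          "personalDeviceEnrollmentBlocked": false}},
  {"@odata.type": "#microsoft.graph.deviceEnrollmentLimitConfiguration",
   "displayName": "All users", "limit": 15}
]}
""")

def audit(configs, max_devices):
    """Return findings where the export deviates from the design decisions.

    max_devices is the agreed per-user limit (assumption: supplied by the reader).
    """
    findings, seen = [], set()
    for cfg in configs:
        kind = cfg.get("@odata.type")
        name = cfg.get("displayName", "<unnamed>")
        seen.add(kind)
        if kind == PLATFORM:
            win = cfg.get("windowsRestriction") or {}
            if win.get("platformBlocked", False):
                findings.append(f"{name}: Windows enrollment is blocked")
            if not win.get("personalDeviceEnrollmentBlocked", False):
                findings.append(f"{name}: personally owned Windows devices can enroll")
        elif kind == LIMIT:
            limit = cfg.get("limit")
            if not isinstance(limit, int) or limit > max_devices:
                findings.append(f"{name}: device limit {limit} exceeds {max_devices}")
    # A missing object means the decision cannot be verified from this export.
    if PLATFORM not in seen:
        findings.append("no platform restriction configuration in export")
    if LIMIT not in seen:
        findings.append("no device limit configuration in export")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE["value"], max_devices=5):
        print("FINDING:", finding)
```

Run it against an export taken after each change to the enrollment restrictions so drift from the documented decisions shows up as a finding.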