Azure AD Integration IV: Azure AD Enrollment
Azure AD Enrollment Overview
In comparison to Windows Autopilot, the Azure Active Directory Enrollment can be performed from the out-of-the-box experience and additionally from the Settings application for already used devices. Azure AD Enrollment allows a very simple and convenient enrollment mechanism for devices and without any interaction of the IT department. As well as for Windows Autopilot, a Mobility (MDM and MAM) application is required in your Azure Active Directory Tenant with specific permissions and the URLs of your Silverback instance. Within this guide, we will perform the Azure Active Directory Enrollment from the out-of-the-box experience.
Your users only need to connect to an internet connection, and they need to know their Azure Active Directory Credentials and can enroll the device within a few steps. After that, Silverback can apply all configurations and can transform the device into an enterprise ready and secured device and can install the UEM Agent to install Software Packages on top. Additionally, you can easily deploy the EgoSecure Data Protection agent for an additional security layer.
Prerequisites
- Accomplished Azure Active Directory Integration Guide I & II
- Microsoft Azure Active Directory Premium P1 or greater, or any Bundle which includes this license.
Client Enrollment
Depending on your Windows 10/11 version and network setup, the step by step guide might be different
- Start the Out-of-box-experience of your Windows 10/11 Device
- Select your Region
- Choose keyboard layout
- Click Yes
- Click Add layout or skip
- Add your network
- Accept License Agreement
- Select Ownership or proceed with typing your Work or school account
- At the “Who owns this PC” question: Choose My work or school owns it
- Click Join Azure AD, then click next
- Type in your Work or school account Azure AD Username. e.g. tim.tober@imagoverum.com
This is the email address to use to login into Office 365 and similar Microsoft Online Services
- Enter your Password
- Click Next or Sign-In
- Accept Terms of use
- Wait until the device will start
- Add (if configured) additional security information (e.g. Windows Hello PIN and Multi factor Authentication)
- Confirm with OK
Next Steps
- Review all Windows 10/11 Profiles and configurations: Tags Guide Part IV: Windows 10/11
- Try Microsoft Autopilot: Azure AD Integration III: Windows 10 Autopilot
- Review the Azure AD Integration V: Windows Store for Business and assign applications to users
- Protect your mobile applications with the Azure AD Integration VI: App Protection Policies