Microsoft Enables One-Step MDM in Windows 10
A new auto-enrollment capability, enabled by Azure Active Directory and Intune, helps administrators bring Windows 10 devices into the fold faster.A few weeks after the Windows 10 launch, Microsoft has enabled a new automatic mobile device management (MDM) enrollment feature for the new operating system powered by Azure Active Directory (AD) Premium and Intune. "By combining login, Azure AD Join and Intune MDM enrollment in one easy step, we've made it drop-dead simple to bring devices into a well-managed state that complies with your corporate policies," Alex Simons, director of program management at Microsoft's Identity and Security Services Division, wrote in an Aug. 17 blog post. "This 'one-step' enrollment is a unique new capability of Windows 10, one that really differentiates it from other mobile platforms." Azure AD is the cloud-based version of the company's Active Directory user access and identity management platform. Similarly, Intune provides MDM, application and PC management as a cloud-delivered service. Despite the feature's potential to speed Windows 10 deployments and protect both corporate-owned and personal devices, enabling MDM in this manner doesn't have to be an all-or-nothing undertaking, the company said. Although administrators can automatically bring all Windows 10 PCs and tablets under Intune management with minimal configuration on their part, they can elect to take a more measured approach, said Microsoft program manager Mahesh Unnikrishnan in the co-authored blog post.
In a walk-through of the new capability, Unnikrishnan said administrators "have the flexibility to specify whether only users belonging to a specific set of groups should have their devices managed by Microsoft Intune." Businesses can take their time bringing Windows 10 into the MDM fold.