How to Enroll Windows 10/11 Devices into Intune MDM Only
Home > Microsoft Intune > How to Enroll Windows 10/11 Devices into Intune MDM Only
How to Enroll Windows 10/11 Machine in Intune MDM Only (Without Azure AD Join)
Description
This method is useful when you want to manage a Windows 10 or 11 device using Microsoft Intune's Mobile Device Management (MDM) features, but do not want to fully join the device to Azure Active Directory (Azure AD). This is typically used in Bring Your Own Device (BYOD) scenarios or when minimal management is required without enforcing full domain policies.
This process registers the device for MDM only, allowing it to receive Intune policies like app deployment, compliance rules, and device configuration profiles—while keeping the device outside of Azure AD domain control.
Steps to Enroll in MDM Only
- Open Settings on the Windows 10/11 machine.
- Navigate to Accounts > Access work or school.
- Click on + Connect.
- In the pop-up, select the option: Enroll only in device management.
- Enter the user's email address and password (user must have an Intune license assigned).
- Complete any required authentication (e.g., MFA).
- Once done, the device will be enrolled into Microsoft Intune MDM.
Verification
You can verify the enrollment from:
- Settings > Accounts > Access work or school: It will show the MDM enrollment.
- Microsoft Intune Admin Center > Devices > Windows: The device will appear in the list of managed Windows devices.
Home > Microsoft Intune > How to Enroll Windows 10/11 Devices into Intune MDM Only
