Enrollment script for already-logged Azure Entra ID devices
For all the devices that have an Azure Entra ID already logged-on, you can launch this admin PowerShell script:
# Set MDM Enrollment URL's
$key = 'SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo\*'
$keyinfo = Get-Item "HKLM:\$key"
$url = $keyinfo.name
$url = $url.Split("\")[-1]
$path = "HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo\$url"
New-ItemProperty -LiteralPath $path -Name 'MdmEnrollmentUrl' -Value 'https://.../discovery_windows' -PropertyType String -Force -ea SilentlyContinue;
New-ItemProperty -LiteralPath $path -Name 'MdmTermsOfUseUrl' -Value 'https://.../enroll_windows' -PropertyType String -Force -ea SilentlyContinue;
# Trigger AutoEnroll
C:\Windows\system32\deviceenroller.exe /c /AutoEnrollMDM
Please change the MdmEnrollmentUrl and MdmTermsOfUseUrl values, check tenant's url under %whitelabelText2% Admin > Global Settings > Microsoft.
Requirements:
- Internet connection
- %mdmName% must be connected to Azure Entra ID
- Windows 10 (build 1507) or newer