Hey everyone! I'm curious to hear how you all are managing your device enrollment and deployment using Intune. Right now, our process involves buying computers directly from Dell. They go through Autopilot, and I've set up a configuration policy to install necessary applications. However, I often face an issue: when the computer boots up and prompts for a login, the new employee isn't there yet and hasn't set up MFA. I'm wondering what others do in this situation. Do you have a specific account you enroll the device with? Are you using the Temporary Access Pass (TAP)? Or maybe a provisioning package, which I haven't explored much? I'm just looking for any insights or better methods that are out there!
5 Answers
Have you tried out the pre-provisioning feature through Autopilot? It simplifies things a lot by setting up the device without user credentials first, which saves time on the final login.
We just did it for a ton of laptops. It significantly cuts down on setup time for users!
It's all about that zero-touch setup! We use Autopilot too, and ideally, employees log in, register for MFA, and everything is good to go. We let the devices sit if the new hires aren't there yet. If I'm misunderstanding your process, let me know!
You're on point! We're moving in that direction too. Ideally, users get the experience of logging in and setting everything up, including MFA, with minimal IT intervention.
But isn't there a wait time for apps to download after the user logs in? Sometimes Intune can be slow. What do others do when that happens?
I've used TAP as well! It’s a one-time use, and I share it with HR via a password manager before the employee's first day. It works fine, but I do wonder if it's the best option.
Exactly! But I’ve noticed that when you log in with TAP, it skips MFA registration for the user. I think it’s important they set that up before starting.
We're transitioning to using a third party for setup. I’m keen on pushing for a streamlined process that lets users just log in and get started without needing IT to touch the device first.
Why involve a third party? Setting up autopilot isn’t that complicated!
We're all about that zero-touch deployment! Our vendor sets up the device, and users just sign in on their own. MFA is set during that first login and it works seamlessly.
I find that pretty wild! We have a rule against sharing passwords with users for security reasons. It should be all hands-off for IT!
That’s exactly what I want too! It should make user login and setup way quicker!