I'm pretty new to managing device deployments and I've found myself in a bit of a mess. I need to set up and send out 5 Pixel 9a smartphones to users in a different location. We use Intune for managing these phones, currently set up with a Company Owned, Fully Managed profile. My only training involved using a QR code to set up devices from factory settings, and unfortunately, we don't have any Zero Touch enrollment set up. My manager, who isn't an IT expert, only suggested two options: I could either send the phones in factory settings and guide users through the QR code scan and signing into Intune, or I could log in myself using their passwords and then reset them afterwards, but I'm not comfortable doing that. Is there a more efficient way to handle this setup, or is guiding users through the process the best route?
4 Answers
You could enroll the phones using the QR code method and pause right at the login screen for M365. That way, the users can log in themselves without you touching their credentials at all!
Definitely stick with the QR code method! If a device gets lost, it's on the user, not your company. It might seem risky, but it keeps things simple.
If you can get Zero Touch set up for future phones, that's ideal! For this batch, going with the QR code approach may save you tons of headaches. But honestly, if you're feeling unsure, using Option 2 for just 5 phones might give you the peace of mind you need—just keep a proper record of it!
Honestly, setting up using the QR code is the way to go. Just share a detailed guide with the users to walk them through each step so they feel supported. It's a bit of an effort, but much better than handling their passwords.
I'm planning to set up Zero Touch for the next devices. I know it can't be done for the ones I already have, so I may end up doing Option 2 only if I have proper documentation. It's been done before in our small team, but I really want to avoid potential issues.