With the latest Intune update, you can now display an enrollment status page after a Windows 10 device has been registered.

The page will let your end-users know what is happening while their device is finalizing the registration process.

To do so, you first need to enable the feature in Intune

  • Connect to your Azure portal and reach out the Intune configuration blade

image

  • Then reach out the Device Enrollment\Windows Enrollment configuration blade

image

  • Access the Enrollment Status Page

image

  • Edit the Default policy to enable the feature, available in the Properties blade

imageimage

  • The default policy is applied automatically to all users and devices

Next time a Windows 10 device is joining Azure AD, the user will see the enrollment status page.

They will be able to click the Continue anyway button to access their Windows session. This will not stop the enrollment process and they may not be able to access your corporate resources (depending of your conditional access policies)

image

 

The below list details which information following the context:

  • Device preparation
    • Trusted Platform Module (TPM) key attestations (when applicable)
    • progress in joining Azure Active Directory
    • enrolling into Intune
  • Device setup (if assigned to All Devices)
    • Security policies (one configuration service provider (CSP) for all enrollments. Actual CSPs configured by Intune aren’t tracked here.)
    • Applications
      • Per machine Line-of-business (LoB) MSI apps
      • LoB store apps with installation context = Device
      • Offline store and LoB store apps with installation context = Device
    • Connectivity profiles (VPN and Wi-Fi) aren’t tracked yet, so always say “0 of 0”
    • Certificates aren’t tracked yet, so always say “0 of 0”
  • Account setup
    • Security policies (one CSP for all enrollments. Actual CSPs configured by Intune aren’t tracked here.)
    • Applications
      • Per user LoB MSI apps that are assigned to All Devices, All Users, or a user group in which the user enrolling the device is a member
      • Per machine LoB MSI apps that are assigned to All Users or a user group in which the user enrolling device is a member
      • LoB store apps, online store apps, and offline store apps that are assigned to any of the following:
        • All Devices
        • All Users
        • a user group in which the user enrolling the device is a member with installation context set to User
  • Connectivity profiles
    • VPN or Wi-Fi profiles that are assigned to All Users or a user group in which the user enrolling the device is a member
  • Certificates
    • Certificate profiles that are assigned to All Users or a user group in which the user enrolling the device is a member

Leave a Comment

1 × three =

This site uses Akismet to reduce spam. Learn how your comment data is processed.