RobbieJ

Great thanks Anyweb. So in my use case I could create an Azure Dynamic Device group (A), that is selected in the auto enrolment options within Device Management. So when a new Surface Hub is joined to Azure AD it is added to the group automatically and also auto enrolled in to MDM/Intune because that group is specified in the auto enrolment settings. Hope that makes sense. Thanks

Pretty quiet round here then

Hey there, having some issues with MDM and intune/device management within our surface hubs deployment. Initially we tried to make autoe enrollment work for devices that appeared in Azure AD that then appeared within a dynamic group because of their OS type or the device name, after reading technet its apparent that it's user based so we reworked the solution, still having issues: A dynamic user group has been created that automatically adds room and room mailbox/teams accounts in to a Azure AD security group, based on an attribute on the object ID at time of creation The above group is getting populated by new surface hub accounts a few minutes after I run our provisioning script to create our surface hub device accounts All surface hubs are joined to Azure AD using a global admin Azure AD account Surface hub is signed in to the room/mailbox account Teams and other functions work MDM will not register the device or show online/present. Are we missing something here? Thanks Robbie