client re enrollment at Intune® fails

Anonymous
Not applicable

First a warm "hi" to all :)
Is someone using Microsoft Intune® , too and would be able to help me to solve my question?


Our Mac®  Clients are installed and enrolled via jamf pro® and we are registering our clients at Microsoft Intune® too, to be able to use SSO for our Microsoft Office365® accounts. To use SSO, we are using the APP "company portal" from Microsoft and the described way to handle the implementation of SSO with Intune(R).


The first client registration at Microsoft Intune®  is working, but a former registered Client cannot be registered again at Intune® again, after it was reinstalled with Jamf pro® and given to another employee.


In Jamf pro®, there is a setting to clear all data from a former registered client, if the client was already registered.
I believe, that the client has to be deleted in Intune® first, if it should be registered again, but I can't find a way to do this automated. Is it necessary to delete the already registered clients in Intune® manually or is there a way to do this with a script or a policy?

Because of the new installation of the client after its reset, a new registration in Microsoft Intune®  is necessary, to be able to use SSO, but if the client was already registered, the registration fails.

Thank you for spending your time and stay health!

 

Greetings, Michael

1 ACCEPTED SOLUTION

AJPinto
Honored Contributor II

You are correct, you must also delete the Macs in Azure/Endpoint (intune) before they can re-register. To my understanding this is a manual process with no ability to automate, but you may want to run that by your Azure admin or Microsoft reps to make sure. 

 

You are on point using your registered trademark symbol lol.

View solution in original post

1 REPLY 1

AJPinto
Honored Contributor II

You are correct, you must also delete the Macs in Azure/Endpoint (intune) before they can re-register. To my understanding this is a manual process with no ability to automate, but you may want to run that by your Azure admin or Microsoft reps to make sure. 

 

You are on point using your registered trademark symbol lol.