Prevent users from enrolling personal Windows devices into Intune

To restrict enrollment to only allow corporate Windows device please follow these steps

  • Start the Microsoft 365 device management portal
  • Go to Device enrollment -> Device restriction
  • Click on Default -> Properties
  • Click Select platforms
  • Ensure that you are allowing Windows (MDM) enrollment. Set to allow or all Windows enrollment will be blocked
  • Click on Properties -> Configure
  • Select “Block” on ‘Windows personally owned’