User & Device Enrollment Guideline for Intra

This document provides a step-by-step guide for creating local admin accounts, enabling them, setting default passwords, and enrolling users and devices via Intune & Intra ID Cloud Process.

Step 1: Creating or Enabling Local Admin Accounts

You need to create or enable two local admin accounts named Admin and Administrator on Windows 10/11 devices.

1.1. Check and Create Local Admin Accounts

1. Access Local Users and Groups (lusrmgr.msc):
   • Press Win + R to open the Run dialog box.
   • Type lusrmgr.msc and press Enter.
2. Create a New Account (Admin):
   • Under Users, right-click and select New User.
   • In the User name field, type Admin.
   • Set a password (refer to Step 2: Setting Default Password).
   • Uncheck User must change password at next logon.
   • Check Password never expires.
   • Click Create.
3. Check for Existing ‘Administrator’ Account:
   • Look for the Administrator account under Users. If it already exists, proceed to enable it (see Step 1.2).

1.2. Enable the Administrator Account

1. Enable the Account:
   • Double-click on the Administrator account.
   • Uncheck Account is disabled.
   • Click OK.
2. Set or Reset the Password:
   • Right-click on the Administrator account and select Set Password.
   • Set the password (refer to Step 2: Setting Default Password).

Step 2: Setting Default Password for Local Admins

Both local admin accounts (Admin and Administrator) must have the same default password.

1. Use the organization’s predefined default password policy.
2. Ensure the password meets complexity requirements (e.g., at least 8 characters, including uppercase, lowercase, numbers, and symbols).
3. Communicate the password securely to the IT administrator responsible for Intune enrollment.

Step 3: Enrolling Devices via Intune & Intra ID Cloud

Enrolling devices and users in Microsoft Intune ensures seamless integration with Intra ID for cloud-based management.

3.1. Preparing the Device

1. Ensure Network Connectivity:
   • Connect the device to the internet.
2. Sign in with Local Admin Account:
   • Log in using the Admin or Administrator account.
3. Install Necessary Updates:
   • Open Settings > Update & Security > Windows Update.
   • Install any pending updates.

3.2. Enroll the Device in Intune

1. Access Windows Settings:
   • Go to Settings > Accounts > Access work or school.
   • Click Connect.
2. Enroll Using Work or School Account:
   • Enter the Intra ID credentials provided by your organization.
   • Follow the prompts to complete the enrollment.
3. Verify Enrollment:
   • Open Settings > Accounts > Access work or school.
   • Ensure your organization’s account is listed as connected.

3.3. Assigning Policies and Apps via Intune

1. Login to Microsoft Endpoint Manager Admin Center:
   • URL: https://endpoint.microsoft.com
2. Assign Policies:
   • Navigate to Devices > Windows > Configuration Profiles.
   • Assign compliance and configuration policies to the enrolled device.
3. Deploy Apps:
   • Navigate to Apps > Windows Apps.
   • Assign required applications to the device or user.

Step 4: Verify Enrollment in Intra ID Cloud

1. Log in to the Intra ID Cloud Portal:
   • Use your admin credentials to access the portal.
2. Confirm User and Device Enrollment:
   • Navigate to Devices to confirm the enrolled device appears.
   • Navigate to Users to verify that the user is properly associated with the device.
3. Test Access and Permissions:
   • Ensure that the enrolled device has access to assigned resources (e.g., email, apps).

Additional Notes

• Ensure the local admin passwords are updated periodically to comply with security policies.
• Use multi-factor authentication (MFA) for Intra ID accounts for added security.
• If users encounter issues during enrollment, refer them to IT support or escalate through the defined support channels.

This process ensures secure and efficient user and device enrollment in your organization’s Intra ID ecosystem.

For implementation services email us at [email protected]