Intune classifies new devices as personally-owned by default. As an Intune admin, you can identify devices as corporate-owned to refine management and identification. Intune can perform additional management tasks and collect additional information such as the full phone number and an inventory of apps from corporate-owned devices. You can also set device restrictions to block enrollment by devices that aren’t corporate-owned.
With Intune, there are multiple ways to identify a device as corporate-owned:
- The device information (IMEI or serial number) is stored in Intune prior to enrollment. When the device is enrolled, Intune will find the match and automatically categorize the device as a corporate device. (the steps for this to work is covered in this post)
- For Apple devices, using Apple Business Manager (or Apple’s older Device Enrollment Program (DEP)) integration
- For Android devices, using Android Enterprise integration
- Manually after a device has been enrolled
Adding corporate device identifier
To add a corporate identifier, you first need to create a two-column, comma-separated csv file. The first column will be the identifier information (IMEI or serial number) and the second column will contain details about the device. The details column is limited by 128 characters and are for administrative use only.
To add new corporate device identifiers, perform the following steps on a computer connected to the internet:
- Open notepad
- Create a new file with the content required and save as .csv file
Note: The list must contain the IMEI or Serial Number. You cannot use Serial Number and IMEI on the same file. In this case, multiple files are required to be created. The file also cannot have more than 5,000 lines.
Note: Some Android devices have multiple IMEI numbers. Intune only reads one IMEI number per enrolled device. If you import an IMEI number but it is not the IMEI inventoried by Intune, the device is classified as a personal device instead of a company-owned device. If you import multiple IMEI numbers for a device, uninventoried numbers display Unknown for enrollment status.
Note: Android Serial numbers are not guaranteed to be unique or present. Check with your device supplier to understand if serial number is a reliable device ID. Serial numbers reported by the device to Intune might not match the displayed ID in the Android Settings/About menus on the device. Verify the type of serial number reported by the device manufacturer.
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Devices, Enroll devices and then Corporate device identifiers
- On Enroll devices | Corporate device identifiers, click Add and select Upload CSV file
- On Add Identifiers, select the identifier type and browse to the file created earlierand then click Add
- Back to the Enroll devices | Corporate device identifiers, wait few seconds until Intune finishes processing the file and click Refresh. The new identifiers will appear
Deleting corporate device identifier
Deleting a corporate identifier is sometimes needed. This can be when the device is no longer part of the company because it was recycled or for some other reason.
To delete existing corporate device identifiers, perform the following steps on a computer connected to the internet:
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Devices, Enroll devices and then Corporate device identifiers
- On Enroll devices | Corporate device identifiers, select the Identifier that you want to delete and click Delete.
Note that you can multi-select to perform the same task in multiple identifiers
- On the Warning message, click Yes. Once the exclusion has been completed, the list will be refreshed
Article originally published on LinkedIn.
