New Device Enrollment with DEM Account - Proper Workflow?
Hi there,
I'm trying to get a DEM account working at my company, and I've run into some issues. My goal with this account (in case this matters) is to have Company Portal install automatically, followed by the default software loadout after sign-in. I've created an InTune group with only the DEM as a member and pushed out the relevant software as "Required" to that group.
I have created the DEM account, assigned the "InTune" license to it, added it to the DEM group, and added it to the list of users who are allowed to join devices. I've checked device restrictions to ensure Windows platform devices are allowed (they are). I've been able to enroll devices successfully using my personal admin account, so enrollment itself isn't broken.
I've gotten some conflicting information about what the enrollment workflow should be with this type of account. Claude tells me one thing, ChatGPT tells me another. My understanding was I could fire up a new device out of the box, and go through OOBE, using the DEM account when asked to sign-in. When I do this, things get broken. When I install Company Portal and open it, I get a message: "This device hasn't been set up for corporate use yet. Select this message to begin setup." Going through that process eventually gets me to an error: "You don't have the right privileges to perform this operation. Please talk to your admin."
Please let me know what you'd do in this instance. Thanks!