In this post I am going to run through a scenario in which you can block personal android devices from enrolling into your Intune MDM. This is particularly useful if you only want to be able to fully manage corporate devices in your environment. The first step is to distinguish between corporate and personal. To do this you must obtain a list of either IMEI or Serial numbers for your corporate devices.
Next you need to login to the azure portal https://portal.azure.com and navigate to the Intune Blade. In Intune go to Device Enrollment > Corporate Device Identifiers. Here is where you add your serial or IMEI numbers. You can do this by either uploading a csv file or entering manually.
Once you have entered your corporate device indentifiers those devices are automatically enrolled as “Corporate Devices”. The next step is to block enrolment of personal devices. You can do this by navigating to Intune > Device Enrollment > Enrollment Restrictions.
Under Device Type Restrictions click on “Default” and then navigate to “Properties”. Under properties click “Configure Platforms” and next to android change the selection from “allow” to “block” for personally owned devices and click ok
You have now successfully blocked personal android devices from being enrolled into Intune.