Hi,Have an issue when linking Intune to Zero-touch.When connecting the 2, it does not add any "PROVISIONING EXTRAS" I can create it manualy, with the EMM DPC and DPC extras.When i asign it manualy it work, but when it's set to "Enterprise Default Profile" it will look at the DPC extras from intune (That is Empty) and then just ask for QR or code to the Profile.The Intune profile that is selected as default is a "Corporat-owned, fully managed user device" profile in ZTHave been in contact with Microsoft regarding this for 3 months, and they cannot help me, they only thing they can say is "The profile maybe Corrupt" and we need to create a new one. We have 250 devices added to ZT by this pointHave tried unlinking, and linking after waiting 24 hours, and so on. But nothing have worked. I was hoping that someone in here can help me with this 🙃

Hey, The "Link your zero-touch account to your EMM provider" from the Intune UI is not something I recommend anyone to use. A few years ago when it was first introduced In Intune I wrote an article on it here: https://timmyit.com/2022/09/26/first-look-at-link-your-zero-touch-account-to-intune-and-manage-zero-touch-enrollment-from-the-endpoint-manager-admin-center/the conclusion was that unless you are only using 1 profile for "Corporate-owned, fully managed user device" its pretty much useless. And it has to much knowledge not changed since then and that's often a sign that its no longer getting the love and attention from Microsoft which you also somewhat experienced in your support request. There is no need or requirement to use the "Link your zero-touch account to your EMM provider" from the Intune when working with Android Enterprise and Zero touch and I'll happy to point you in the right direction for things if there are certain specific scenarios you wish to cover. /Timmy

It's not an uncommon complaint, intune's implementation leaves a lot to be desired. As Timmy suggests, better to avoid it and handle ZT through the customer portal (partner.android.com/zero-touch)

Yes exactly. If you're efficient with it you can time the profile default with the order you make with a reseller, switching them up as needed to auto-assign to different configs by order. That, or lean on the zero-touch customer API, which allows you to automatically and in bulk manage devices and their configs ✨

Hello Kristian45, Welcome to the Customer Community. jeremy, jasonbayton, Moombas, Timmy wondering if you have any thoughts on this one? (Thank you in advance)

Thanks for all the replies.The idea was that we deliver the Tablets directry to different locations, without going into the portal, and changing the Profile every time (Have done this the last 3 months).I guess it will work if i remove the connection/Link to Intune, and set the "Default configuration" to the Intune configuration i have created manually in Zero-touch? Again, thanks for all the awnsers, was not able to find anything about this anywere, Hope this can help some other people having the same issue in the future.

Intune not adding PROVISIONING EXTRAS - Zero-Touch | Android Enterprise Customer Community

Lizzie
Google Community Manager
10 months ago
Hello Kristian45,

Welcome to the Customer Community.

jeremy, jasonbayton, Moombas, Timmy wondering if you have any thoughts on this one? (Thank you in advance)
jeremy
Level 3.0: Honeycomb
10 months ago
Yes so this is usually populated by the EMM (Intune in this case) they might have an issue, but it's on their end as this is a parameters sent through the URL to the iframe.
Timmy
Level 2.0: Eclair
10 months ago
Hey,

The "Link your zero-touch account to your EMM provider" from the Intune UI is not something I recommend anyone to use. A few years ago when it was first introduced In Intune I wrote an article on it here: https://timmyit.com/2022/09/26/first-look-at-link-your-zero-touch-account-to-intune-and-manage-zero-touch-enrollment-from-the-endpoint-manager-admin-center/

the conclusion was that unless you are only using 1 profile for "Corporate-owned, fully managed user device" its pretty much useless. And it has to much knowledge not changed since then and that's often a sign that its no longer getting the love and attention from Microsoft which you also somewhat experienced in your support request.

There is no need or requirement to use the "Link your zero-touch account to your EMM provider" from the Intune when working with Android Enterprise and Zero touch and I'll happy to point you in the right direction for things if there are certain specific scenarios you wish to cover.

/Timmy
jasonbayton
Level 4.0: Ice Cream Sandwich
10 months ago
It's not an uncommon complaint, intune's implementation leaves a lot to be desired.

As Timmy suggests, better to avoid it and handle ZT through the customer portal (partner.android.com/zero-touch)
Kristian45
Level 1.6: Donut
10 months ago
Thanks for all the replies.

The idea was that we deliver the Tablets directry to different locations, without going into the portal, and changing the Profile every time (Have done this the last 3 months).

I guess it will work if i remove the connection/Link to Intune, and set the "Default configuration" to the Intune configuration i have created manually in Zero-touch?

Again, thanks for all the awnsers, was not able to find anything about this anywere,
Hope this can help some other people having the same issue in the future.
- jasonbayton
  Level 4.0: Ice Cream Sandwich
  10 months ago
  Yes exactly. If you're efficient with it you can time the profile default with the order you make with a reseller, switching them up as needed to auto-assign to different configs by order.
  
  That, or lean on the zero-touch customer API, which allows you to automatically and in bulk manage devices and their configs ✨
AndriusG
Level 1.5: Cupcake
6 months ago
I have the same problem, no matter what I put in the DPC extras, it never picks up the enrolment token. Lizzie or anyone from ZT, can you please assist here? We are only using 1 token.
- jasonbayton
  Level 4.0: Ice Cream Sandwich
  6 months ago
  The Intune implementation is rubbish, you'll need to take it up with Microsoft
  - AndriusG
    Level 1.5: Cupcake
    6 months ago
    Why? It is not the issue of Intune that ZT portal does not apply the default configuration you have created and configured to be a default. If I manually apply it, it works like a charm.
- Timmy
  Level 2.0: Eclair
  6 months ago
  Have you read the post I linked to above ? https://timmyit.com/2022/09/26/first-look-at-link-your-zero-touch-account-to-intune-and-manage-zero-touch-enrollment-from-the-endpoint-manager-admin-center/
  
  This will explain the situation and what you should do if you need to use DPC extra.
  Assuming you have the exact same scenario, its not a google issue. Its Microsoft Intune limitations for this specific feature. But you can use DPC extra with Intune if you just use the Zero touch portal with Intune.
- Kristian45
  Level 1.6: Donut
  6 months ago
  I removed the Intune Connection, and just use it from Zero-touch.
  
  Disconnect Intune to ZT, and try and chance the profile on your test Device to use the specific profile, instead of the “Enterprise Default”(this do not work)
  
  then you can set up the Default Configuration i ZT, to get added when you get new device into the portal
  
  hope this explains it.
  - AndriusG
    Level 1.5: Cupcake
    6 months ago
    Hi,
    
    I need a bit more details. How to disconnect Intune from ZT I am aware, but I think it might not allow to do it, till I have devices that were enrolled this way?
    
    In terms of the profiles in ZT, I have configured "my own" profile with DPC extras that include the enrolment token, but unless I change the profile for each device - they do not pick up the configuration and ultimately the token. All of them always default to "Enterprise Default Profile". How this would be different when I disconnect Intune from ZT?