Microsoft Entra ID & Intune - Tanium Provision - Tanium Tech Talks #144

tanium logo
Tanium
Oct 29, 2025
Tanium

Today we see how Tanium Provision can enroll newly-imaged #Windows machines 💻 into #Entra ID and #Intune using two methods:
⚙ Windows Configuration Designer package file
⚙ Autopilot JSON file

With the move to Windows 11 many organizations are taking the opportunity to adopt Entra ID & Intune. The official Microsoft approach requires devices to be pre-enrolled by the hardware vendor with Autopilot enabled on the device. Tanium is able to support this and can also support devices which aren't associated with a customer tenant via Autopilot. Tanium Provision can automatically enroll a device into Entra ID & Intune as part of the build process -- in a similar manner to an on-prem Active Directory domain join.

Today we explore these options, the steps involved, and the design choices of each.

Use the Windows Configuration Designer app to create a provisioning package for corporate-owned devices for joining them to your Microsoft Entra tenant and enrolling them for Intune management. This involves an embedded credential that expires by default every six months. This is the option most customers choose for simplicity. The Tanium client is automatically installed when using this method.

The second method involves generating a JSON file for #Autopilot to bring the device into Entra ID and Intune management. This method by default does not include the Tanium client. However, the Tanium client could be pre-installed as part of the image by following the doc link below for VDI configuration.

See the demo on today's Tanium Tech Talk!

#informationsecurity #informationtechnology

RESOURCES
Provision Walkthrough https://www.youtube.com/watch
Docs - Entra ID & Autopilot
https://help.tanium.com/bundle/ug_provision_cloud/page/provision/ref_advanced.html#Join
Docs - VDI configuration
https://help.tanium.com/bundle/ug_client_cloud/page/client/os_imaging_virtual.html

FREE PASS TO CONVERGE 2025
Get a FREE pass to Tanium Converge in Orlando, Florida, November 17-20.
Go to: https://converge.tanium.com
➡️ Click Register Now
Use the promo code As-McGl-40000 for a free ticket type of your choosing:
🎟️ In-Person
🎟️ In-Person + Labs
🎟️ Converge Virtual + Virtual Self-Services Labs
Also note:
✅ Converge Virtual base tickets are free and do not require a promo code.
✅ Promo codes cannot be used on certification exams or Converge Party Guest passes.

CHAPTERS

00:00 Intro

00:42 Meet Rob

01:20 Converge 2025 Labs

02:50 What is Provision?

03:57 Entra ID & Intune

13:02 DEMO Windows Configuration Designer

18:30 DEMO Provision with Entra ID

20:00 DEMO Autopilot

26:00 DEMO Provision with Autopilot

27:19 DEMO Intune vs Autopilot

28:15 DEMO First boot experiences

32:20 Design choices

36:15 Troubleshooting

39:28 Wrap up & resources

Copyright © 2026 OpsMatters™. All rights reserved.