We have 3 locations which comprise of Windows PCs/laptops, Servers, and some iPhones/iPads. We are constantly running into people connecting their personal phones or laptops to our wired and/or wireless network.
We really don't want to get into managing a local CA server, or Cisco ISE, or anything like that as we are a thin staffed IT Dept.. We do have SCCM 2012 R2 in place and I was looking into to seeing if I can manage this with a Hybrid InTune setup. Is it possible to prevent people from connecting to our network based on whether or not they are enrolled? And can we have enrollment be something we have to approve before they're given access?
Or if there are any other ideas that make more sense I'd love to hear them as well.