Adding Intune subscription to ConfigMgr for Hyrbid MDM

Leave a reply

This post will show you how to add an Intune subscription to ConfigMgr  for Hybrid MDM and enable enrollment for iOS devices.

To see the benefits of using Intune with ConfigMgr rather than standalone, Microsoft has a good post Choose between Microsoft Intune standalone and hybrid mobile device management with System Center Configuration Manager

My current on-prem environment looks like this:

  • ConfigMgr Current Branch version 1606.
  • User collection created with users whose devices can be enrolled
  • Custom domain add and verified in Office 365 admin portal
  • Azure AD Connect set up to synchronize my user accounts to Azure AD. Steps to set this up are here
  • Intune subscription (You can get a 30 day trial subscription here)

First step to add the Intune subscription is to go into Cloud Services then right click Microsoft Intune Subscriptions and select Add Microsoft Intune Subscription

intune1

Have a read of the Getting Started and click Next.

intune2

Sign in with your Intune account

intune3

Have a read and if you agree, click the checkbox. Note that you can’t change this back unless you contact Microsoft Support.

intune4

Enter in your Intune username and password

intune5

Once you’re signed in, click on Next

intune6

Select the user collection with users whose devices can be enrolled. You can configure your company name and any other settings you like and click Next

intune7

Fill in any other information you would like and click Next

intune8

Specify a company logo if you like and click Next.

intune9

Select the user that you would like to be the Device Enrollment Manager. You can see more info here

intune10

If you would like to use MFA, select the enable checkbox and Next.

intune11

Confirm your settings and click Next.

intune12

Once its finished click Close. You can view the Cloudusersync.log to make sure the role was set up successfully and look out for any errors.

intune13

Next we will create an APN. The Apple Push Notification service (APNs) certificate is used to establish a trust relationship between the management service, Intune, and enrolled iOS mobile devices

intune14

intune15

intune16

Next we will login to the APN certificate portal with an Apple ID. The link is here

intune17

Click on Create Certificate

intune18

Click Accept if you accept the terms and conditions.

intune19

Upload the certificate you created earlier.

intune20

Now Download the certificate

intune21

Now we will configure the iOS platform.

intune22

Click Enable and browse to the certificate you downloaded before and click Ok.

intune23

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s