- Microsoft Graph: A single (PowerShell) API for Microsoft’s cloud services - Tue, Aug 23 2022
- Exchange impersonation: Grant permissions to service accounts - Mon, Aug 8 2022
- Send Microsoft Teams meeting invitations in multiple languages - Thu, Jul 21 2022
To register an iOS device with Intune, at the Manage section of the console, go to Device enrollment > Apple enrollment. Once there, follow the link Apple MDM Push certificate to apply for one.
Start screen for Apple device enrollment in Microsoft Intune
This is because Intune communicates with the iOS devices via push messages to manage them.
Requesting certificate from Apple
The certificate is free of charge, and you can apply it for using an Apple account. After executing the above command, a dialog with five sections opens. Under point 1, you must give Microsoft permission to send information to Apple.
Apple MDM Push certificate request form
The second step is to download the .csr file, which you will then use to request the Apple certificate. This occurs under point 3, where the corresponding link leads you to Apple's website. If necessary, you can create a new (free) account at this point or authenticate yourself with an existing account.
Log in to Apple's certificate portal
The page for creating a certificate should now display.
Start page for requesting a certificate from Apple
After clicking on Create a Certificate, you will confirm the Terms of Use next. Then you upload the request file, which you have downloaded under point 2.
Upload .csr file to request a certificate
Finally, the certificate is ready for download. It is important to make sure it is valid andto note the expiry date so you can renew it on time. Otherwise you can't manage the iOS devices any more.
Download Apple's push certificate as a .pem file
Importing the certificate to Intune
After returning to the Intune console, enter the Apple ID used to request the certificate under point 4 and upload the certificate, available in .pem format, to Intune. This completes the initial setup.
Import Apple's push certificate as a .pem file into Intune
Enroll devices via app
Now you can start enrolling iOS devices. There are several ways to do this: Apple's Device Enrollment Program (DEP), Apple School Manager, Apple Configurator, and finally the App Intune Enterprise Portal.
In our example, I use the app you have to download from the App Store to the iOS device.
Installation of the Intune company portal from the App Store
You now log on to it with the company data.
Signing in at the Intune company portal
The app then displays a series of dialogs you will need to confirm. These include, for example, information for transmitting data and how to set up access to the network.
The last step is to install the management profile on the smartphone. It will later serve to grant access to company apps and to resources.
You've now registered the smartphone and can view and manage it as a device in the Intune portal.
Subscribe to 4sysops newsletter!
List of managed iOS devices in Intune
If you have created policies before enrolling, they will now be applied to the device.
