Wednesday, August 5, 2015

Part 6: Manage iOS devices using SCCM and Intune

Part 6: Manage iOS devices using SCCM and Intune
To manage mobile devices, first we need to enroll the devices using SCCM and Microsoft Intune. For device enrollment, we need to configure Apple Push Notification service (APNs) to get the policies from configuration manager.

To enroll iOS device's;
1. Create an APN Certificate
1.1 Go to \Administration\Overview\Hierarchy Configuration\Windows Intune Subscriptions
1.2 Right click on Microsoft Intune Subscriptions then click Create APN's Certificate Request
1.3 On Request Apple Push Notification Service Certificate Singing Request window enter a location
       where you want the file to be created then click Download
1.4 You will be presented with the Microsoft Intune login page, enter your Intune subscription
1.5 The download will complete if you have entered the correct details. Click Close.
       Now you will have .csr file on chosen location.
1.6 Now open Apple Push Certificates Portal by visiting then login with any
      Apple ID

1.7 On Apple Push Certificate Portal get started page, click on create a certificate
1.8 Accept the Terms and Conditions
1.9 On Create a New Push Certificate page click on Browse and browse the location where you
      have saved the .csr file, then click Upload
1.11 This will create a new apple push MDM certificate for iOS devices, with a validity of one year.
        Apple Push Certificate Portal will display the newly created certificate as below;
1.12 From Apple Push Certificate Portal, click on download and save the .pem file. By default the
        file name will be MDM_Microsoft Corporation_Certificate.pem
        We need this .pem certificate to enroll iOS device
 2. Enable Enrol iOS device;
2.1 Open SCCM Console then go to \Administration\Overview\Cloud Services\Microsoft Intune  
2.2 Right click Microsoft Intune Subscription then Configure Platforms then iOS
2.3 Check Enable iOS enrollment
2.5 Browse to the location where we have saved APNs certificate (.pem)
 2.6 Click OK

3. Enroll the iOS device
 To enroll and access the company portal, you need to download Microsoft Intune Company Portal
 App from Apple App store
3.1 search and download Microsoft Intune Company Portal on iOS device
3.2 Once the installation is complete, launch the App
3.3 Enter the your company email ID and password
3.4 On the Device Enrollment screen select Enroll at the bottom.
The enrollment process will start and will take 30 seconds or so and the device will switch the screens in between web and app.

3.5 As soon as the device is enrolled, the iOS device will prompt to Install profile.
      Click Install on install profile screen
3.6 During Management Profile install stage, you’ll be prompted to enter your iPhone passcode

The installation of profile will begin
3.6 While installing the Management Profile a security key will be generated

Certificate will be enrolled;

3.7 After installing the profile, you will need to click on Trust on the iOS device for remote
3.8 If everything goes well, you will get Device Enrolled confirmation msg.
      Click OK on the message window
4. We have successfully enrolled iOS device using SCCM and Microsoft Intune
5.Your company portal home page will look as below on your iOS device
Remaining other parts of this article is here

No comments:

Post a Comment