mardi 5 mars 2013

[SCCM 2012 & Intune] Mobile management - Part 2: Configure SCCM 2012 for iOS devices


In part 1 of this series, we configured connector between SCCM 2012 SP1 and Intune.


Now that Active Directory, Windows Intune and SCCM are properly configured to communicate, I propose to enroll an iOS device.


PART 2 - CONFIGURE SCCM 2012 FOR iOS DEVICES


1. Request an Apple Push Certificate

In the Configuration Manager console, open the Administration workspace
Expand Hierarchy Configuration and select Windows Intune Subscriptions.
Click on Create APNs certificate request


Provide a path on your computer for the request file
Click on Download


The Windows Intune web page appears.
Sign in.


The window disappears and your certificate request is generated.
Open the Apple Push Certificate Portal link or go to https://identity.apple.com/pushcert/


Sign in on the Apple Push Certificates Portal
 

Accept the Terms of use


Provide the path to the certificate request file previously generated
Click on Upload


On my own experience, the portal provides a .json file. Just ignore that file and go back to the portal home (https://identity.apple.com/pushcert/)


You now see your certificate.
Click on Download and save your .pem file.


For more information about MDM with Apple, go to http://www.apple.com/iphone/business/it-center/deployment-mdm.html




2. Enable iOS platform

In Windows Intune Subscriptions, select your Windows Intune Subscription
Click on Properties


Open the iOS tab
Select Enable iOS platform
Provide the certificate downloaded previously from the Apple portal




3. Enroll an iOS device

Lets start by testUser2, the user with configuration mistakes (see part 1)
Open your browser on https://m.manage.microsoft.com (not manage.microsoft.com but M.manage.microsoft.com, on my experience, this are two different portals)



 If you connect for the first time, portal will request you to update your password.


And the Crash !! testUser2 exists in Windows Intune so you can connect on the portal but that user is not defined as an authorized user.
The enrollment fails !!




Lets start again with testUser1
Open your browser on https://m.manage.microsoft.com

 

Update your password if requested and sign in
Click on Install


The profile installation window appears
Click on Install


Click on Install Now

 

Click on Install

 


Click on Done to finish installation


Click on here to open the Company portal
or open a session on https://m.manage.microsoft.com





You can notice that the application Company Portal just appears on your device.
If you click on it, your browser opens the Windows Intune portal (https://m.manage.microsoft.com)




In my next post, I will show you how to deploy an application on a mobile device.


See you soon
Julien

6 commentaires:

  1. Good guide. However, do you have to do Part 1 before you do part 2?

    RépondreSupprimer
    Réponses
    1. Hi Kristian,

      Thank you for your comment.

      Yes, I confirm that you have to configure Windows Intune connector on your SCCM environment and next, you can configure your iOS devices.
      You can also configure directly Windows Intune for iOS device without SCCM but that's a totally different story (cloud only mode).

      Regards,
      Julien

      Supprimer
    2. Thanks for the fast answer. I've writing my bachelorthesis on Intune and SCCM. How they work togheter is a big part of it.
      These guides has helped me alot.

      For this I'm going to give you a thanks at the end.

      Supprimer
    3. Great !!

      Thanks a lot ;o)

      Supprimer
  2. Hi,
    This is the first time I am contacting you, please try to help me figure out whats wrong in my lab setup.
    Why I cant enroll my device .
    I setup a lab environment for MDM with Config Mrg 2012 R2.
    My public domain is verified, UNP looks good under AD.
    On end user side, I downloaded the Windows Intune Company Portal App.
    I cant enroll my iOS device. I got Unanticipated error.

    RépondreSupprimer
    Réponses
    1. Hi, Could you tell exactly what step is working bad ?

      Before downloading compagny portal application, you need to link SCCM 2012 with intune... Everything is described in part 1 and part 2

      Regards

      Supprimer