How to manage IOS devices with Windows Intune

One of the great features Windows Intune delivers to us is the ability to manage IOS devices of our employees.  We do not use System Center Configuration manager 2012 in a domain environment so we decided to setup Windows Intune to manage our mobile devices as a standalone system.  This is how we did it.

 

Login to Windows Intune and go to:

ADMINISTRATION /  MOBILE DEVICE MANAGEMENT

At the right under “Tasks” click “Set Mobile Device Management Authority” and select “Windows Intune”

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Now go to:

ADMINISTRATION / MOBILE DEVICE MANAGEMENT / IOS / UPLOAD AN APNS CERTIFICATE

and click on “Download the APNs certificate request”.

You will now be presented with a file, save it somewhere on your desktop.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Once you have your request file, you can now request a new certificate from Apple.  To do this, you will need an apple ID.  I suggest you create a new appleID for your company with a generic email address that someone would be able to access should you leave your company.

To do this, go to https://appleid.apple.com and click on “Create”

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Fill in the details required to create the new AppleID.

Once complete, you will have to verify the request.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Once created, click on the “Apple Certificates Portal” link in Windows Intune and login with your Apple ID.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Once Logged in, click on “Create a certificate”.  You will upload your certificate request file and at the end of the wizard, you will be presented with this screen

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Download your certificate.

Go back to Windows Intune, and click on the button labeled “Upload the APNs Certificate”

Click on the Browse button, and select your certificate file.

Enter your appleID you used to create the certificate in the “Apple ID” field.  (This is just so that Windows Intune can remind you which appleid you used, it’s not used for anything else)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Once uploaded, you will get a confirmation screen.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Now you should be able to enroll IOS devices.  Ask your users to navigate (Using NB: SAFARI) to https://m.manage.microsoft.com on their iPhones.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Click on the “Install” button, to active the management profile.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Once again, click on “Install”

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Accept the Warning and click “Install” AGAIN

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Which should then be installed.  If you now go to windows Intune and give it a few minutes, you will start seeing devices.