Windows Intune: Getting set up and Enrolling Devices

This is the second part of a series on Windows Intune. Windows Intune is Microsoft’s mobile device management solution.

Setting up Intune – Users

Setting up the trial of Intune is pretty simple. Go to the Intune homepage and set up a trial. No credit card information is needed, and you can use your trial for 30 days and manage 25 devices. When you get signed in, the first thing that you have to do is set up users. This has to be done so that devices can be enrolled. Click the “Add users” button. If actually implementing Intune (versus trying it out), you will want to eventually tie it to some sort of single-sign on or Active Directory.


After clicking “Add users”, fill out the form with their information. You can also expand “Additional Details” for extra directory information. Next, define if this user will be an administrator, as well as their location. Leave the defaults on the “Group” page. The “Email” page allows you to send emails to the user/users that you just created. The system will send them an email with their username and temporary password. Finally, click create and the account will be created.


Setting Up Intune – Device Management

After creating your first user, this box appears on the screen. Click the “Admin Console” link.


This link will direct you to the Intune admin console (you will likely have to log in again). The first thing that appears is the ability to download the computer client, as well as setting up mobile device management authority. We will focus on mobile device management. Click on the “Set up mobile device management authority and channels” link. Click the “Set Mobile Device Management Authority” link under “Tasks” in the right pane. Check the box and click OK.


Now the remaining options on the page enables and we can begin to set up the various mobile operating systems. I am going to illustrate Intune’s capabilities with an iOS device.


To begin setting up Intune for iOS, click the iOS link. You are presented with this screen:


This is a little confusing at first, because it looks like you need an Apple APNs certificate, with usually requires an iOS developer account (at a cost of $99/year). This, however, is not the case. When you click “Upload an APNs Certificate”, you are given the option to “Download the APNs certificate request”. This streamlines the process and does not require the additional cost of an iOS developer account.


Download the csr file and click the “Apple Push Certificates portal” link. You should be presented with an Apple login screen. Ensure that you log in with a company Apple ID and not your personal ID. The created certificate will be tied to this Apple ID and cannot be transferred.


Click the “Create a Certificate” link and accept the terms and conditions. Browse to your certificate and click “Upload”. If you are using IE, you will be prompted to download a .json file. Ignore this and refresh the page. You will be present with this screen:


Notice that it says that this certificate will expire on July 25, 2015 (one year from today). This certificate has to be renewed at that date, your MDM will cease to function. This information is tied to your Apple ID, which is how you can get back to this point to renew your certificate. From this screen, we download the certificate. Click the “Download” button and save the file. Now we can go back to Intune and upload the certificate. Browse for the downloaded certificate and type in the Apple ID assigned to it.


Now that we have iOS configured, we can enroll a device. Go to on the mobile device. Log in with the account that we set up earlier.


Once you’re signed in, click the “Install” button. This will enroll the device into Intune.


Click “Install” to install the MDM profile.


It will take it a few seconds, but after the system generates the appropriate keys, the device will enroll.


We can go back to the Intune console and see the new device:



All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistant.



Contact Us

On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.