Windows Intune: Getting set up and Enrolling Devices

This is the second part of a series on Windows Intune. Windows Intune is Microsoft’s mobile device management solution.

Setting up Intune – Users

Setting up the trial of Intune is pretty simple. Go to the Intune homepage and set up a trial. No credit card information is needed, and you can use your trial for 30 days and manage 25 devices. When you get signed in, the first thing that you have to do is set up users. This has to be done so that devices can be enrolled. Click the “Add users” button. If actually implementing Intune (versus trying it out), you will want to eventually tie it to some sort of single-sign on or Active Directory.


After clicking “Add users”, fill out the form with their information. You can also expand “Additional Details” for extra directory information. Next, define if this user will be an administrator, as well as their location. Leave the defaults on the “Group” page. The “Email” page allows you to send emails to the user/users that you just created. The system will send them an email with their username and temporary password. Finally, click create and the account will be created.


Setting Up Intune – Device Management

After creating your first user, this box appears on the screen. Click the “Admin Console” link.


This link will direct you to the Intune admin console (you will likely have to log in again). The first thing that appears is the ability to download the computer client, as well as setting up mobile device management authority. We will focus on mobile device management. Click on the “Set up mobile device management authority and channels” link. Click the “Set Mobile Device Management Authority” link under “Tasks” in the right pane. Check the box and click OK.


Now the remaining options on the page enables and we can begin to set up the various mobile operating systems. I am going to illustrate Intune’s capabilities with an iOS device.


To begin setting up Intune for iOS, click the iOS link. You are presented with this screen:


This is a little confusing at first, because it looks like you need an Apple APNs certificate, with usually requires an iOS developer account (at a cost of $99/year). This, however, is not the case. When you click “Upload an APNs Certificate”, you are given the option to “Download the APNs certificate request”. This streamlines the process and does not require the additional cost of an iOS developer account.


Download the csr file and click the “Apple Push Certificates portal” link. You should be presented with an Apple login screen. Ensure that you log in with a company Apple ID and not your personal ID. The created certificate will be tied to this Apple ID and cannot be transferred.


Click the “Create a Certificate” link and accept the terms and conditions. Browse to your certificate and click “Upload”. If you are using IE, you will be prompted to download a .json file. Ignore this and refresh the page. You will be present with this screen:


Notice that it says that this certificate will expire on July 25, 2015 (one year from today). This certificate has to be renewed at that date, your MDM will cease to function. This information is tied to your Apple ID, which is how you can get back to this point to renew your certificate. From this screen, we download the certificate. Click the “Download” button and save the file. Now we can go back to Intune and upload the certificate. Browse for the downloaded certificate and type in the Apple ID assigned to it.


Now that we have iOS configured, we can enroll a device. Go to on the mobile device. Log in with the account that we set up earlier.


Once you’re signed in, click the “Install” button. This will enroll the device into Intune.


Click “Install” to install the MDM profile.


It will take it a few seconds, but after the system generates the appropriate keys, the device will enroll.


We can go back to the Intune console and see the new device:



All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistant.



Contact Us

On Key

More Posts

Mastering Azure AD Connect - A Comprehensive Guide by WME
Active Directory

Mastering Azure AD Connect – A Comprehensive Guide

Modern businesses are fast moving toward cloud-based infrastructure. In fact, cloud-based business is not just a trend anymore but a strategic necessity. Microsoft’s Azure Active Directory (Azure AD) has become a frontrunner in this domain. It

Read More »
Security Best Practices in SharePoint
Office 365

Security Best Practices in SharePoint

Microsoft SharePoint is an online collaboration platform that integrates with Microsoft Office. You can use it to store, organize, share, and access information online. SharePoint enables collaboration and content management and ultimately allows your teams to

Read More »
The Ultimate Guide to Microsoft Intune - Article by WME
Active Directory

The Ultimate Guide to Microsoft Intune

The corporate world is evolving fast. And with that, mobile devices are spreading everywhere. As we venture into the year 2024, they have already claimed a substantial 55% share of the total corporate device ecosystem. You

Read More »
Protecting Microsoft 365 from on-Premises Attacks
Cloud Security

How to Protect Microsoft 365 from On-Premises Attacks?

Microsoft 365 is diverse enough to enrich the capabilities of many types of private businesses. It complements users, applications, networks, devices, and whatnot. However, Microsoft 365 cybersecurity is often compromised and there are countless ways that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.