23 C
Dubai
Monday, March 24, 2025
HomeCertificates
CertificatesMicrosoft 365Intune Web-based Enrollmentx-All Posts-x

Intune Web-based Enrollment for iOS Devices: How to Get Started

Premnath
By Premnath
0
1649

Intune Web-based Enrollment Prerequisites

  • Intune is the MDM Authority
  • Apple MDM certificate is configured
  • Intune license for the end-user
    • iOS Enrollment profile
    • Just-in-Time(JIT) device configuration profile

    Step 1: Create Web-based device enrollment profile for iOS in Intune

    In the Intune admin center, browse to Devices/Enrollment/Apple and select Enrollment types

    Step 2:

    Select Create Profile/iOS/iPadOS

    Step 3:

    Provide a name of the enrollment profile

    Step 4:

    Select Web-based device enrollment

    Step 5:

    Like other enrollment profiles, select a target group of users allowed to use it

    Step 5:

    Note : Use the left section to change the priority order of the various profiles in case the user is targeted by multiple enrollment profiles.

    Create a Just-in-time registration device configuration profile

    Why JIT configuration?

    Just-in-time registration is required to use the Apple Single sign-on(SSO) extension to complete the Microsoft Entra registration of the device. Just in time will limit the number of authentication prompts by establishing the SSO across the whole device for Microsoft products

    Step 1 :

    In theIntune admin center, browse to Devices/Configuration and create a new policy

    Step 2:

    Select iOSTemplates and Device Features. Click Create

    Step 3 :

    Provide the name

    Step 4:

    Under Single sign-on app extension, select Microsoft EntraID

    Additional configurations are needed.
App Bundle ID isn’t required for our current need.
2 keys are needed
Key: device_registration
Type: String
Value: {{DEVICEREGISTRATION}}
Key: browser_sso_interaction_enabled
Type: Integer
Value: 1

    Note : Avoid additional space before/after those values, otherwise Just-in-Time won’t work!!

    Step 5:

    Assign the device configuration to the same group as the Enrollment profile for convenience.

    Enroll iOS using Web-based device enrollment

    Sign-in with Microsoft Entra ID credentials

    Click on Get Started

    Allow this website to download a configuration profile.

    Go to Settings / General / VPN & device management

    A prompt will ask to install the Microsoft Intune root certification authority, click on Install and Trust

    Three Stages to Colour Grading Photography YouTube Thumbnail – 1

    Once the profile is installed, the enrollment is completed and the device will begin to process policies and applications!

    Premnath
    Premnath
    I have been working as Cloud engineer in System Administration field in Microsoft Azure, Microsoft Office 365 / Exchange Servers / Endpoint Manager / Azure Active Directory (IAM) / PowerShell

    Related Articles

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    EDITOR PICKS

    POPULAR POSTS

    POPULAR CATEGORY

    ABOUT ME

    Satheshwaran Manoharan - Microsoft MVP - Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing. From shipping lines to rolling stocks.In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and Microsoft 365 Stack and conducted numerous successful projects worldwide. Also, Acting as a Technical Advisor for various start-ups.

    Contact : Info@Azure365Pro.com

    FOLLOW US

    © Azure365Pro.com

    × How can I help you?