Windows 10 phone MDM enrolment via hybrid Intune/ConfigMgr

ConfigMgr, Guide, Intune, MDM, SCCM CB, Windows 10 3 comments

Robert Marshall has recently posted a great guide to get yourself up and running with an environment for Intune in ConfigMgr CB or Technical Preview http://wmug.co.uk/wmug/b/r0b/archive/2017/03/05/running-up-a-test-environment-for-intune-and-configmgr-current-branch-or-technical-preview

If you aren’t up and running with hybrid Intune as yet I suggest you take a look at this guide to get yourself into a good position.

This quick guide assumes you are already in this position and are ready to enrol. I noticed that Robert is going to show you how to enrol a iOS and Android device. So here’s a quick how-to to get your Windows 10 phone MDM enrolled.

As always, take a look at the official Microsoft TechNet documentation. I am going to be running through some of the steps within ‘Setup hybrid mobile device management (MDM) with System Center Configuration Manager and Microsoft Intune’ here as Robert has already covered the steps that get the environment set up.

Configure MDM enrolment

Login to the Azure Management Portal at https://manage.windowsazure.com.

Navigate to ‘Active Directory’ and select your Directory.

2017-03-09 23_01_56-Active Directory - Microsoft Azure.jpg

Click Applications and select ‘Microsoft Intune’

2017-03-09 23_02_08-.jpg

Next click ‘Configure’

2017-03-09 23_02_45-Active Directory - Microsoft Azure.jpg

Accept the default values for the URLs and specify which users’ devices should be managed by Microsoft Intune. I have selected ‘All’. Save the configuration.

2017-03-09 23_06_51-.jpg

Set up CNAME for enrolment

Next ensure that you have a DNS alias for device enrolment set up for your public DNS. This makes it easier for devices to be enrolled. If you are currently pointing to ‘manage.microsoft.com’ then it will no longer work for enrolment and hasn’t since February 11 2017.

You have to ensure that the following CNAME or alias is configured:

Type Host name Points to
CNAME EnterpriseEnrollment.<yourdomain> EnterpriseEnrollment-s.manage.microsoft.com

You can check if you have this set up by running the following PowerShell.

resolve-dnsname -name EnterpriseEnrollment.<yourdomain> -Type CNAME

You will get the error below if it is not set up.

cnamecheck-001.jpg

Set up the CNAME accordingly wherever you manage your public DNS.2017-03-09 23_21_24-easyDNS - Control Panel_ DNS Settings.jpg

Give time for the CNAME to become live. Re-run the PowerShell command to ensure the CNAME is operational.

2017-03-09 23_21_29-Administrator_ Windows PowerShell.jpg

Set up ConfigMgr for Windows phone enrolment

In the Administration workspace, go to Cloud Services > Microsoft Intune Subscriptions. Right click and select Properties > Windows Phone.

2017-03-09 22_18_25-Greenshot.jpg

Enable ‘Windows Phone 8.1 and Windows 10 Mobile’ and Apply.

2017-03-09 22_19_49-Microsoft Intune Subscription Properties.jpg

Installing the Company Portal app and enroling the Windows 10 device

Open up the Windows Store and search for the Company Portal app and select Get.

wp_ss_20170309_0003.png

Once installed, launch the app and tap the ‘My Devices’ message.

wp_ss_20170309_0006.png

Tap ‘Enroll this device’

wp_ss_20170309_0007.png

Tap ‘Connect’

wp_ss_20170309_0008.png

Sign in at the ‘Microsoft Intune Enrollment’ screen.

wp_ss_20170309_0020.png

wp_ss_20170309_0021.png

Tap ‘Finished’ when set up is complete.

wp_ss_20170309_0022.png

The device will be connected via MDM.

wp_ss_20170309_0023.png

The device will appear in the ConfigMgr console shortly after.

2017-03-10 01_01_30-Greenshot.jpg

 

 

3 comments

  2. Pingback: iOS MDM enrolment via hybrid Intune/ConfigMgr – SCCMentor – Paul Winstanley

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s