Setting up Apple / iOS devices in Intune
You will see questions about Microsoft Intune, configuration profiles, and compliance policies. You won't see any questions about how to set up a device in Intune but I thought it was important for you to see so I've created a lesson. If you already set up Intune to work with iOS devices or are only concerned about passing the MS-500 feel free to skip this lesson.
Configure Apple enrollment
Before you can add iOS devices to Microsoft Intune you'll need to connect your Intune tenant to Apple. Setting up the Apple connector is a little more complicated than the Google side of things. But Apple doesn't have as many enrollment profiles so that's nice.
1. Go to Microsoft Endpoint Manager admin center > Devices > Enroll devices > Apple enrollment > Apple MDM Push certificate. Click I agree > Download your CSR. Save the file to a location on your computer. Click Create your MDM push Certificate.
2. Create an Apple ID and then sign in. Click Create a certificate. Click I have read and agree. Click Accept.
3. Click Choose File and select the file you downloaded in step 1 (after clicking Download your CSR). Click Upload.
4. Click Download and save the certificate to a location on your computer. Go back to the Microsoft Endpoint Manager admin center page that we opened in step 1.
5. Enter your Apple ID in step 4. Click the browse button under step 5 and select the PEM file you downloaded in step 4 above. Click Upload.
Once you're complete you'll see a notification saying "Uploading your MDM push certificate" and you'll notice the Enrollment methods and options are unlocked.
Enrolling iOS devices
Similar to Andriod devices, iOS devices can be enrolled in multiple ways (although not nearly as many options as Android has). The device can be personally owned or corporate-owned. Unlike Android, you can also have users select whether the device is corporate-owned or personally owned when setting up their device. In this guide, we'll only be covering personally owned devices.
1. Open the App Store and search for Intune Company Portal. Once installed open the app.
2. Click Sign in. Sign in using your Microsoft 365 credentials.
3. On the Get notified page click OK. On the "Comp Portal" would like to send you notifications click Allow.
4. Click Devices. Click the device you are currently using. Click Begin setup > Begin
5. Click Continue > Continue. On the "This website is trying to download a configuration profile" prompt click Allow. On the "Profile Downloaded" prompt click Close.
6. Click Continue > Continue. On the How to install management profile page click the home button.
7. Open Settings > Profile Downloaded > Install > Install > Install > Trust > Done. Click the Home button.
8. Open the Comp Portal app. Click Done.