Intune Configuration for IOS

asked 2020-08-19T20:06:33.533+00:00
stavros mitchell 46 Reputation points

Hey Everyone,

I just have a question I am pretty sure the answer is not needed but wanted to validate. I have a client who wants to set up Intune for all his users Iphones, He would like to start with deploying a certificate to the phones and deploying an application to the phone. Is ADConnect required for this?

thanks for the help

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,046 questions
No comments
{count} votes

Accepted answer
  1. answered 2020-08-20T02:49:06.757+00:00
    CiciWu-MSFT 1,156 Reputation points

    ADConnect is not necessary for deploying a certificate to the phones and deploying an application for Intune standalone management scenario. But it might be used via hybrid scenario. For example, Azure AD Connect will provide the function of Federation, which is an optional part of Azure AD Connect and can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.

    Reference: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/whatis-azure-ad-connect

    By the way, for deploying a certificate, the following certificate Connector is necessary for deploying a certificate:

    To use the following certificate profile types, you must install the Microsoft Intune Certificate Connector:
    o SCEP certification profile
    o PKCS certificate profile
    To use PKCS imported certificates:
    o Install the PFX Certificate Connector for Microsoft Intune.
    Reference: https://learn.microsoft.com/en-us/mem/intune/protect/certificates-configure

    No comments

1 additional answer

Sort by: Most helpful
  1. answered 2020-08-22T22:41:18.007+00:00
    Jason Sandys 30,881 Reputation points Microsoft Employee

    While technically correct, @CiciWu-MSFT 's answer is probably not suitable as it depends on the details.

    Users, in most cases need to sign into the Company Portal using an Azure AD identity.

    So, the first question here is do your users already have Azure AD identities? If not, do they have on-prem AD identities?

    Next, how exactly will you be enrolling the devices? Assuming they are existing devices, ADE is not possible and you probably don't want to set up Apple configurator meaning that the users will have to download Company Portal and enroll their devices (which, as noted, requires an Azure AD identity).

    No comments