Updated 2018-03-19 One of Microsoft Intune feature is to deploy useful mobile applications that your users need to get their job done. We can think of the Office suite such as Word, Excel, Powerpoint and One Note. This blog post will show how to deploy Microsoft Word on managed iOS devices with Microsoft Intune and SCCM. This is the 9th post of the Mobile Device Management with Intune and SCCM 2012 blog series. Microsoft Word for iOS devices requires Mobile Application Management (MAM) policies in Microsoft Intune. Since it’s a pre-requisites for Microsoft Word, we will configure a MAM policy … Read More
No Enrollment Policy during Intune Client Installation
When a company wants to manage an iOS mobile device, an Apple Push Notification Service (APN) certificate is installed on the iOS devices. This certificate installation makes sure that the connectivity between the devices, Apple, and your MDM solution is trusted. Intune makes no exception to this process. It’s the main reason why, from Intune or SCCM console, you have the possibility to send remote actions directly on iOS devices. After the certificate is configured in Intune, users can install the Company Portal app to enroll their devices (Android, iOS, Windows). When you open the Company Portal for the … Read More
How to enable Android for Work in SCCM and Intune
Starting with SCCM 1702, mobile device management with SCCM and Microsoft Intune (Hybrid) now supports Android for Work device enrollment and management. You can manage compliance settings, wipe or delete Android devices, deploy apps, and collect software and hardware inventory. Users can download the Android company portal app from Google Play that lets them enroll Android for Work devices. Enable SCCM Android for Work The first step is to create a Google account and configure your Intune subscription to accept Android for Work devices. Refer to our previous blog post, if you don’t already have an active Intune subscription. Create … Read More
Send Sync Request to Intune Mobile Devices from SCCM 1610 Console
This month, SCCM 1610 was released with a bunch of new features, including exiting Intune features. One of these Intune feature is to send sync request directly from the SCCM console. It’s a new remote actions that Intune administrators will use daily. For example, you can send sync request to a mobile device that is having deployment or client health issue. In fact, each mobile devices managed by Intune need to communicate with Intune to get the latest policy and compliance state. Normally, the Intune client synchronizes every 6 hours for iOS and 8 hours for Android. Additionally, there’s a scan every … Read More
How to Strengthen Security for Intune with RBAC in SCCM
The majority of companies use SCCM to manage laptops, computers, servers and some for mobile devices, if they use Microsoft Intune in hybrid mode. In some situations, Intune and SCCM management is done by 2 different teams. Except for the Full Administrator role in SCCM, it’s possible to separate Intune with Configuration Manager infrastructure in the console by using security roles and security groups (RBAC). The goal is to ensure that an Intune administrator does not access Configuration Manager client devices and objects, as you don’t want to end up with people who may wipes or manages mobile devices when they are … Read More
Intune Client | Error User License Type Invalid
The starting point of all mobile management project is enrolling devices. Without enrollment, you can’t manage any devices. When running in hybrid mode, the enrollment process is different than running Microsoft Intune in standalone mode. The SCCM Service Connection Point role keeps connectivity between both end (SCCM on-premise and the Cloud). Both environments must be synchronized, otherwise, you have chance of getting Intune error User License Type Invalid during Intune enrollment on your mobile devices. This post will explains how to resolve this issue. Intune Error User License Type Invalid This is the error message shown just before the enrollment process when you click Enroll : If … Read More
Use IMEI Numbers with SCCM and Intune to identify Corporate Devices
Last January, Microsoft released an update for Intune standalone environment in which you can import international mobile equipment identity (IMEI) numbers for mobile device platforms that have an IMEI number to help identify corporate-owned mobile devices. Once enrolled in Intune, devices with imported IMEI numbers are tagged as Corporate, which can be used for applying policies that are different than those applied to Personal devices. What happens if you use an Intune hybrid environment? SCCM has no built in tool to add a list of IMEI numbers and switch device owners from Personal to Company when devices are enrolled. In this post, we will configure SCCM … Read More
How to install Microsoft Intune Client for MAC OSX
Did you ever wanted to install the Microsoft Intune client on MAC OSX? Microsoft Intune standalone supports Apple operating systems since November 2015. SCCM 1602 is required to support the Microsoft Intune client with the SCCM connector (hybrid environment). The Intune client is a lightweight version of the SCCM client. You can deploy some policies, SCEP certificates, VPN and WiFi profiles. There is also a hardware inventory scan on the devices. In a previous post, we explained how to set up a compliance policy for MAC OSX, now that our client is ready to receive the compliance policy, we will install the … Read More
How to set up MAC OSX Compliance Policy for Microsoft Intune Client with SCCM
Microsoft Intune is a mobile device management tool that supports a variety of operating systems. Obviously, Intune supports the popular operating system Mac OSX. Since November 2015, companies that use standalone version, it’s possible to install the Intune client on MAC OSX devices. With the latest release of SCCM 1602, hybrid environment can enrol MAC OSX. The Microsoft Intune client allows the deployment of policies, SCEP certificates, VPN and WiFi profiles. It’s also a new way to inventory your MAC. Before enrolling a Mac OSX in Intune, a compliance policy must be configured to apply a minimum of security control. This post will explain … Read More
Referenced Configuration Items Not Available in SCCM
Are you importing your applications in SCCM when it’s time to copy applications from one environment to the other? In some company, SCCM is installed twice, one for development and one for production. SCCM in a development environment provides flexibility but it adds additional cost to maintain both environment. Using the import application wizard in SCCM can ease the process and save time to copy applications from one to another environment. In the best of worlds, it is best to keep environment identical much as possible, but it is very difficult to get there. The problem is that you can end up with missing features … Read More