Jump to content


anyweb

Mobile Device Management with Configuration Manager 2012 R2 - Part 1. Integrating Microsoft Intune

Recommended Posts

Hello,

First off, thank you; awesome guides.

 

I followed the guide all the way and got stuck on device enrollment ...

 

post-27044-0-36136800-1418994371_thumb.png

 

I googled the error and there is not a whole lot of information out there. This Technet article referenced this. I checked and it appears right ...

 

post-27044-0-61455100-1418994372_thumb.png

 

I have registered my domain and verified the UPN is accurate on my test user ...

 

post-27044-0-86747400-1418994368_thumb.png

post-27044-0-99037100-1418994373_thumb.png

 

I am unable to login with: user@yourpublicdomain.com

The original error occurred when logged in with: user@yourpublicdomain.onmicrosoft.com

 

And here is the log file..

CompanyPortal-Log.log

 

P.S. It was a little confusing that you were logging in with @windowsintunenoob.com as it was the first time in the guide that it was referenced. Up until that point everything was @windows-noob.com.

Share this post


Link to post
Share on other sites

I had the same problem recently in another lab I was doing, see below

 

for those that have the same problem as me, try signing in (to your company portal on iOS) with your normal account (omit the onmicrosoft.com),both accounts log on just fine to the company portal on my phone.... hence the confusion.
I was trying to enroll using:-

niall@windowsintunenoob.onmicrosoft.com
which failed with the no MDM authority defined message....
whereas

worked.

 

 

as regards your comment about me switching domain name during the guide yes I agree it might be confusing, i'll consider fixing it with new screenshots...

  • Like 1

Share this post


Link to post
Share on other sites

as an update, I've edited the original post to show screenshots from the updated Intune portal, including changing the name within the guide to point to windowsintunenoob.com instead of windowsnoob,

Share this post


Link to post
Share on other sites

Hello,

 

we have configured all the necessary steps (ad synchronisation, the intune subscriptions to clients, domain verification, sccm connector,.. )

 

visited hundreds of sites to come to the same problem, device enrollement is impossible

 

first of all i would like to ask, is Windows server 2012 R2 mandatory for intune to work? we are currently running Windows server 2012 (no sp1)

 

if this is not true could you answer the following questions please :

 

1)We would like to manage only windows phone 8.1 devices, not deploy any applications, correct?

 

2)The company portal app is downloaded from the Microsoft store on the phone, so no need to be signed by a certificate?

 

3) The user must have the same user name and UPN in the AD Azure, as in the in the local AD to identify correctly

 

4) Is the DNS alias mandatory(as this is only a redirection)? As we can specify manually on the phone the server "manage.microsoft.com"?

 

5) I saw there was a way to view logs though the “field medic” app however after opening them and only seeing Event IDs(task manager), this didn’t help me a lot, am i doing something wrong?

 

i've also tested on android phones downloading the company portal from google play store, the device still isn't enrolled.

 

any ideas?

Share this post


Link to post
Share on other sites
visited hundreds of sites to come to the same problem, device enrollement is impossible

 

 

what happens when you try to enroll a device ? be specific please

 

did you follow all the steps in my guide step by step ?

Share this post


Link to post
Share on other sites

Hello,

thank you for the quick response,

 

yes all steps have been done except the following :

 

-while configuring the windows intune subscription in sccm

no company contact Info(only available for Server 2012 r2 i think)

no company Logo (only available for Server 2012 r2 i think)

 

-no baselines/ configuration Items configured for android

 

-enabling of windows phone 8 is not enabled at the moment (was actif beforehand, but has been disabled since)

As we do not want to distribute the company portal through sccm, (should be easier to install company portal app through windows app store).

From what i understand the checkbox only needs to be checked if you want to deploy the signed company portal app correct?

 

However android was enabled and i still coudn't enroll it

 

here is what happens when i try to enroll the windows phone 8.1

 

i start from the company portal app

post-29365-0-40557600-1429103205_thumb.png

 

(notice how we have managed to enroll a pc for my account)

 

which directs me to the workplace

post-29365-0-46407900-1429103201_thumb.png

 

i enter my credentials which asks me for the server as the dns was not configured (optional)post-29365-0-19104600-1429103203_thumb.png

 

i log onto the intune portal successfully

 

post-29365-0-93315800-1429103203_thumb.png

 

and get the message enrollement failed contact your IT support

 

post-29365-0-71240500-1429103204_thumb.png

 

thank you for your time.

Share this post


Link to post
Share on other sites

Hey Guys,

 

Is it possible to dirsync only select members? like in the howto? It seems to have sucked up all security groups and users without setting a UPN as it looks like its set by default across the domain.

 

Thanks!

Share this post


Link to post
Share on other sites

Hey Guys,

 

Is it possible to dirsync only select members? like in the howto? It seems to have sucked up all security groups and users without setting a UPN as it looks like its set by default across the domain.

 

Thanks!

 

yes it is possible, we synced only a certain OU based on the AD group :

 

post-29365-0-55685400-1429261013_thumb.jpg

Share this post


Link to post
Share on other sites

-enabling of windows phone 8 is not enabled at the moment (was actif beforehand, but has been disabled since)

As we do not want to distribute the company portal through sccm, (should be easier to install company portal app through windows app store).

From what i understand the checkbox only needs to be checked if you want to deploy the signed company portal app correct?

 

 

if you want Intune Hybrid to support Windows Phone then "Enable Windows Phone 8 enrollment" must be selected, it will not work if it is not selected.

Share this post


Link to post
Share on other sites

Hello again,

 

Sorry for the wait,

 

First of all thank you for the documentation it cleared up my vision how how intune hybrid works, i didn't know you were obliged to download the app from sccm if you wanted a hybrid connexion.

Before retrying to enable windows 8 phone, I’d like to confirm something, we recently had a phone call with a member of staff of windows Intune.

 

He told us that it is possible to sign the application with a certificate other than Symantec, we currently have a wildcard certificate, would it be the same method to sign the company portal app?

 

2nd why would android devices not enroll if their checkbox was activated in sccm.

 

This makes me think that the problem doesn't come uniquely from the disabled checkbox.

 

thank you

Share this post


Link to post
Share on other sites

 

yes it is possible, we synced only a certain OU based on the AD group :

 

attachicon.giftemp.jpg

 

Thanks faucheur, Im not familiar with Azure AD connect tool in that picture.. just following this guide via dirsync.. I presume this is for single-sign on? that's a step later for me

Share this post


Link to post
Share on other sites

have you seen this

 

http://configmgrblog.com/2015/05/17/mobile-application-management-support-arrived-in-configmgr-2012/

 

and have you looked at these MSIGnite videos ?

 

http://channel9.msdn.com/Events/Ignite/2015/BRK3850

 

http://channel9.msdn.com/Events/Ignite/2015/BRK3856

 

i believe Microsoft will be releasing a blog to further clarify MAM,

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...