Configuring Intune in PKIaaS

Create a PKIaaS protocol configuration for MDM Intune enrollment.

To create a MDM Intune configuration in PKIaaS:

1. Follow the steps described in Accessing your partitions to log into the PKIaaS interface as a user with any of the following roles:

   • Owners
   • Protocol Operators

2. Click Enrollment Protocols in the sidebar.

   

3. Click the plus + icon to the right of the Protocol Configurations tab.

4. Select MDM Intune in the Type list.

5. Configure the following values.

   Field	Value
   Protocol Configuration Identifier	Enter a unique identifier for the new configuration in your PKI. This identifier must be 2-18 characters long and can only include lowercase letters, numbers, hyphens (’-’), and underscores (’_’).
   Intune Tenant ID	Paste the Directory (tenant) ID value previously obtained when Creating an Intune application in Azure.
   Intune App ID	Paste the Application (client) ID value previously obtained when Creating an Intune application in Azure.
   Intune App key	Paste the secret value previously obtained when Creating an Intune application in Azure.
   Description	Enter an optional description of the protocol purpose.
   Authority Identifier	Select an issuing subordinate CA with profiles of the intune group.
   Certificate Profile	Select an intune profile of the CA for issuing the enrolled certificates.

6. Click Create.

7. In the confirmation dialog, copy the URL of the SCEP URL field.