Configuring Intune in PKIaaS

Create a PKIaaS enrollment workflow configuration for MDM Intune enrollment.

To create a MDM Intune enrollment workflow configuration in PKIaaS:

1. Follow the steps described in Accessing your partitions to log into the PKIaaS interface as a user with any of the following roles:

   • Owners
   • Enrollment Workflow Administrators

2. Click Enrollment Workflows in the sidebar.

   

3. Click Create Workflow Configuration.

4. Click MDM and then Intune.

   

5. Configure following settings.

   • Workflow Configuration Identifier
   • Intune Tenant ID
   • Intune App ID
   • Intune App Key
   • Description
   • Authority Identifier
   • Certificate Profile

6. Click Create.

7. In the confirmation dialog, copy the URL of the SCEP URL field.

   

Workflow Configuration Identifier

Enter a unique identifier for the new configuration in your PKI. This identifier:

• Must contain 2–18 characters.
• Can only include lowercase letters, numbers, hyphens (’-’), and underscores (’_’).

Intune Tenant ID

Paste the Directory (tenant) ID value previously obtained when Creating an Intune application in Azure.

Intune App ID

Paste the Application (client) ID value previously obtained when Creating an Intune application in Azure.

Intune App Key

Paste the secret value previously obtained when Creating an Intune application in Azure.

Description

Enter an optional description of the workflow purpose.

Authority Identifier

Select an issuing subordinate CA with profiles of the intune group.

Certificate Profile

Select an intune profile of the CA for issuing the enrolled certificates.