Office 365 MDM Enrollment Process

Back to Blog
01Feb2016

Office 365 MDM Enrollment Process

I added an account named “clouduser1” for the purposes of this demo.  Before enabling MDM for this user, I added the email account to my iPhone.

The reason I did this is so that we can see the enrollment process for a user who may have previously configured their device for company Email. You can also just skip right to the app store and download the Microsoft Intune Company Portal app to get started with the process straight away.

Follow along with the images below to see what the process looks like–it is fairly painless, if a little long (can’t we reduce the number of screens we have to step through here, Microsoft?)!

First, I opened my email and found this little message waiting for me, so I tapped on Get started now.

IMG_2656

Following the link, I was able to download the app from the store.

IMG_2658

After it was installed, I opened it up, and signed into the account.

IMG_2659

Then I was able to step through several screens, starting with Begin.

IMG_2660

After that it seems like you just need to tap on ContinueEnroll, or similar a bunch of times.

IMG_2661

IMG_2662

IMG_2663

Install.

IMG_2664

I thought I already said Install!

IMG_2665

Trust.

IMG_2666

Done.

IMG_2667

Oops! Just kidding–not done. Open.

IMG_2668

Oh, that was just the first of these. Continue.

IMG_2669

Ah-ha!  This next step would not be necessary, except that the Email account already existed on the phone.  It seems that some of the MDM policies can only be applied when the Email is first added?  In any case, it explains here that you have to go into your phone’s settings and remove the Email account before continuing.

IMG_2670

Check Compliance once you’ve done that, and you should be able to Continue.

IMG_2671

Done.

IMG_2672

Oh yeah, except that you’ll still need to enter your Email password the first time you open your Email application.

IMG_2673

Okay, that’s everything.  You are now Mobile Device MANAGED, Mr. iPhone.

In my opinion, this is a ridiculously cumbersome process, so you’ll want to be deliberate about rolling it out to people. Also, note that a full MDM (Intune) may have enough carrots included to warrant this kind of thing, but the default MDM features “included” with Office 365 plans may not be worth it, and you could be better off with a simple EAS policy, instead.

Technical , , , 0 Comments
Share:

Leave a Reply

Back to Blog

Related Posts

03Oct

Windows Information Protection done right, part 2: typical set up steps

Last time we talked about a couple of key concepts including enlightened and non-enlightened apps, and how Windows Information Protection (WIP) treats corporate data differently than personal. In short, a non-enlightened app and all of its data will be treated by WIP as personal (by... read more
23May

Best Practices: Time synchronization with virtual Domain Controllers

In Hyper-V virtualization, a guest virtual machine has something called "Integration Services." By default, all of these services are pretty much enabled, including time synchronization. However, this can cause big issues if you have virtual Domain Controllers, and your physical host servers are not getting their time... read more
08Aug

Hyper-V Failover Cluster: MPIO & CSV Storage

Continuing our last post on Hyper-V Failover Clustering, we turn our focus from networking to storage. To bring storage into the picture, we will have to provision some volumes from Storage Spaces, our SAN or other Shared Storage device. This varies by vendor, so see their... read more
Updated Migration Advice
11Jul

Updated Migration Advice: Remove the last Exchange Server?

The last time I published articles on the topic of email migration was in the long, long ago: in the before time. Yes, before pandemics and novel coronaviruses, but also before we had the option to remove the last Exchange server. Some have asked me... read more
18Feb

YES!!! The Encrypt button is coming to Outlook on the Web!!!

I am so happy to see in my tenant the new Encrypt button (replaces the "Protect" button). I am not on the standard release in my tenant, so you might not see this right away if you're just following standard. Any tenant with AIP (e.g. E3,... read more
26Nov

Coming soon to an Azure AD/Microsoft 365 subscription near you: Life without passwords?!

I previously commented when Microsoft released new password guidance, which is backed by their own research as well as that of NIST. A quick recap of that: Require passwords have at least 8 characters. Longer isn't necessarily better, as they cause users to choose predictable... read more
Multi-tenant management for Microsoft 365, and other things
03Sep

Multi-tenant management for Microsoft 365, and other things

IT service providers are constantly looking for more efficiency, and better ways to manage their customers' hardware and software assets. In the Microsoft realm, we finally have Microsoft 365 Lighthouse, which is now in public preview. Some of my MSP customers have raised question marks... read more
20Jun

A framework for implementing device-based Conditional access with Microsoft Intune

I recently shared a set of scripts to help make deployment of Intune a bit quicker. Today I just want to cover a framework which can be used for deploying device-based conditional access in conjunction with your baseline policy set. The main crux of the... read more
07Sep

Tutorial: How-to Setup Azure Site Recovery using Windows Server Essentials, Part 2: Configuration

Windows Server Essentials (or the Essentials Experience role) can be leveraged to quickly provision a full Disaster Recovery site in the cloud, and replicate Virtual Machines from your on-premises Hyper-V server(s) to Azure. The built-in integrations that make this possible are Azure Virtual Network and... read more
Unboxing Microsoft Defender for Business, Part 1: Simplified configuration process
16Jan

Unboxing Microsoft Defender for Business, Part 1: Simplified configuration process

I have been playing with the new product this past month since getting access to the preview. If you have not yet had a chance to see Microsoft Defender for Business in action, then read along! To get your hands on a copy of this... read more

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.

Contact Me