How to enroll an iOS mobile device into Microsoft Intune 

Description:  this procedure will guide you through the necessary steps to enroll an ios device into Intune. This is Microsoft’s Mobile Data Management (MDM) platform

 

If you currently have the Outlook for iOS mail app installed on your device, please delete it as Intune will assume management of the application and may cause an issue during setup.

 

The use of the native Android Mail app is NOT supported and cannot be used.

 

Please download the Symantec VIP application and register your device prior to enrolling.

1. Download the following app “Company Portal” from the app store. This is a free app.

 

  1. After the app downloads to the device, tap on it to open it up. You will be presented with this screen.

 

  1. Next, you will enter in your corporate email address.

 

 

  1. After entering your email address, tap “next”. Your enrollment is being redirected to MSHS login in portal.

 

 

  1. You will then be prompted to enter your password.

 

  1. You will then see a prompt to enter in your secure token (Symantec VIP).  You can open up the app on you device and copy/paste the current code then paste it into the box below

 

  1. Your enrollment will continue with the establishment of a connection to Intune.

 

  1. The next screen, will start the access to the Mount Sinai corporate email account. Please tap on “Begin”

 

  1. You will then be see the following screen which is showing the download management profile (new in iOS 12)

 

 

  1. You will see the following screen which is showing that the Intune management portal site is attempting to download the profile configuration. Please tap “allow” for the profile to download

 

 

 

  1. Open up settings on your device. You will then see a section “Profile Downloaded”. This is the mdm profile downloaded from Intune. Tap close.

 

 

  1. Go to the settings app on your device, Tap on the Profile downloaded section then tap Install.

 

Tap Install to have the certificate added to your device.

 

Tap Trust to allow the profile source to manage your device for remote management.

 

Tape done to complete the profile installation.

 

 

  1. The next screen will display the following screen which is showing that the MDM portal is confirming device settings to ensure it meets the required configurations.

 

 

 

  1. You will then see the following screen which will show you what can and cannot be seen on your device by the MDM platform. Tap “continue”

 

  1. You will then be prompted to enter your credentials. Tap on edit settings.

 

  1. The next screen will direct you to enter your password for your account.

 

 

  1. The following screen will be presented to ask about signing into your iOS accounts. Please tap “Continue” to go to the next step.

 

  1. The following screen will appear once all of the installs are completed on your device.

 

  1. Next, you will see this screen which is for informational purposes only. It will alert you to notifications about service in the MDM portal. Tap “OK then tap “allow”.

 

 

  1. Please note: Once your device is “enrolled” into Intune, your device will be in a non-compliant state. This will resolve itself within 1 hour. You can tap on the “Company Portal app” to view information about your device and account.

 

  1. From within the portal, you can check on your devices. Tap on “Devices”.  Just select the device you have and tap on it. It will show the device you are currently using (if you have multiple devices enrolled).

 

  1. Tap on the device, it will then open up and show you information about the device.

  1. If you wanted to remove the device from Intune, you can tap on the ellipses and select “Remove Device” which will delete your device from enrollment in Intune.

 

Password update information

Within 30 days or during a password change, you will be prompted to reenter your credentials into your account. You will be asked to enter your current or changed password.  You can simply change it by going to Settings on your device and scroll down until you see “Passwords and Accounts”

Then you can select the email account associated with Intune (Mount Sinai E-Mail – O365) . The password field will only be available during the password change otherwise, it will be hidden.

  1. Note: When you un-enroll your device, all managed apps including Outlook, word, etc will be removed from your device. When you reenroll, those apps will be once again assigned to your device.

 

  1. If you have Outlook on your phone for personal accounts, enrolling into Intune will force the application to be “managed”. You will see the following type of message appear on your device. Similarly, you will see these type of messages if you happen to have other Microsoft Office apps like OneDrive, Word, excel, etc.

 

  • If you do not have Outlook, please follow the below

 

  • Open the Company Portal icon. This will take you to the “APPS” page
  • Click “View all apps” Scroll down to “Microsoft Outlook”, click then choose Install
  • When you launch Outlook for the first time, it will show 1 email account found. Click box “Add Work Account”
  • Click “Ok” to allow Outlook to access your contacts. Then click Ok again to restart the app
  • Click the Outlook app to open.

 

  1. You can also download the other Microsoft suite of apps for your device. These will include Word, Excel, OneDrive, etc. To access these apps, open up the company portal then tap on “Apps” on the lower left hand side

 

  1. Once you tap on the “apps” icon, you will then see the following screen displaying all apps available. From this view, you can download the One Drive app as an example.

 

  1. To download the app, simply tap on “OneDrive” then once it opens, tap “Install”