Enable, install, and configure the Intune Certificate Connector

To enable support for the Certificate Connector

  1. Open the Intune administration console, click Admin > Certificate Connector.
  2. 337

  3. Click Configure On-Premises Certificate Connector.
  4. 338

  5. Select Enable Certificate Connector, and then click OK.
  6. 339

To download, install and configure the Certificate Connector

  1. Click on Request certificate then Enroll Client Certificate “IntuneTemplate”
  2. 340 341

  3. Open the Intune administration console, and then click Admin > Mobile Device Management > Certificate Connector > Download Certificate Connector.
  4. 342

  5. After the download completes, run the downloaded installer (ndesconnectorssetup.exe)
  6. 343

  7. Click Next
  8. 344

  9. Click Next
  10. 345

  11. Click Next
  12. 346

  13. Select SCEP and PFX Destination Click Next
  14. 347

  15. Click Select Client Intune Certificate
  16. 348

  17. Click Next
  18. 349

  19. Click Install
  20. 350

  21. Select Launch Intune connector and click finish
  22. 351

  23. Click sign-in
  24. 352

  25. On Advanced Tab, Type Credential
  26. 353

  27. Successfully Enrolled, Click Ok
  28. 354

  29. Specify Credential. Click Apply and Close windows
  30. 355

  31. Open a command prompt and type services.msc, and then press Enter, right-click the Intune Connector Service, and then click Restart.
  32. 356

  33. validate that the service is running, open a browser and enter the following URL, which should return a 403 error: http:// <FQDN_of_your_NDES_server>/certsrv/mscep/mscep.dll. You are now ready to configure certificate profiles.
Advertisements
This entry was posted in Microsoft Intune. Bookmark the permalink.

13 Responses to Enable, install, and configure the Intune Certificate Connector

  1. Pingback: Enable access to company resources using Certificate profiles | Mai Ali's Technical Blog

  2. zepafonso says:

    Hi Mai Ali,

    I try to follow your steps but in this part ” Click on Request certificate then Enroll Client Certificate “IntuneTemplate” “, the cerificate doesn’t apper for me.
    What’s wrong ? Could you help me ?

    Thanks!

  3. zepafonso says:

    I tryed again and i receive the message:

    Network Device Enrollment Service
    Network Device Enrollment Service allows you to obtain certificates for routers or other network devices using the Simple Certificate Enrollment Protocol (SCEP).
    This URL is used by network devices to submit certificate requests.
    To obtain an enrollment challenge password, go to the admin URL. By default, the admin URL is http://NDESSERVER/CertSrv/mscep_admin
    For more information see Using Network Device Enrollment Service .

  4. zepafonso says:

    And i still have a doubt.
    It’s possible with the e-mail certificate deliver a new password to the ios device every time that the password is changed without user need to retipe this new pass ?

    Thanks

    • Paulo says:

      Hi Mai,

      Could you help me with an information ?
      I would like to know if I could implement that infrastructure in which type of environment ?
      Cloud, on premises or hybrid ?

      Thanks!

      • Mai Ali says:

        Hi Paulo,
        Sure, The connector should be implement On-Premises, but other configure will be done from Portal as mention on Post.

    • Mai Ali says:

      Hi Zepafonso,
      I didn’t get your point. what’s relation between certificate and password???
      if password change and it still not sync on mobile device, it will be related to Exchange ActiveSync.

  5. Paulo says:

    So, autentication via SCEP certificate it’s not possible correct ?
    Sorry for my doubts

  6. Kevin Myrup says:

    Email authentication via certificate is possible. You would deploy the email profile and select certificate authentication.

    Now, for setting up NDES Connector, To get a client authentication certificate for it, you need a certificate issued by the company Certificate Authority, or a public CA, which contains “Client Authentication” EKU. Once your ndes server has obtained this, the install wizard will find it and allow you to select it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s