Enrolling a Mac into Microsoft Intune

Mac management with Intune is something that I’m asked about fairly regularly. While our support today (at time of post) is limited, it’s very simple to offer this to your users. For those without a Mac handy, I wanted to show you the enrollment process for a Mac device.

Firstly, you need to make sure iOS and Mac enrolment is enabled on your Intune tenant. This means you need a valid APN cert.

You can check via the Admin section of the Intune admin portal.

image

If you need instructions on how to setup iOS and Mac support, see here for more info

https://docs.microsoft.com/en-us/intune/deploy-use/set-up-ios-and-mac-management-with-microsoft-intune

Now we want to enroll my Mac device.

First, open Safari and browse to https://portal.manage.microsoft.com

1

Login using your Intune licensed user

2

You’ll be presented with a list of your enrolled devices. For my user, he doesn’t have any devices yet.

You’ll see a banner at the top of the page that says “Either this device isn’t enrolled, or the Company Portal can’t identify it. Tap Here to select a different device”

Click on the Tap Here link to begin the enrollment

3

You’ll be presented with an enrollment prompt. Press the Enroll button

4

Then confirm the enrollment by pressing Install

5

The Mac will then direct you over to the System Preferences to install the management profile. This workflow is required by Apple to manage the device, and is very similar to the iOS enrollment prompts.

First, you’ll be asked if you want to install the Management Profile. Select Install.

6

Next, you’ll be asked to confirm, this time with the Intune management URL presented to ensure you trust the management profile source. Press Install.

7

Once the install is complete, you’ll have a Management Profile applied in your Device Profiles. This means this device is now under the Mobile Device Management of Intune.

8

And if I come back to my Intune portal (https://portal.manage.microsoft.com) you’ll see that my device is now listed as a managed device.

9

Now any WiFi, VPN, security settings or .mobileconfig file you deploy to this Mac will receive the configuration and apply to the device.

Until next time.

Matt Shadbolt
Senior Program Manager
Enterprise Client and Mobility – Intune