Blog series about how to integrate Microsoft Intune and ConfigMgr with Single Sign-On

A few weeks ago I did a blog post about How to configure a relying party trust between on-premises AD FS and Microsoft Azure AD for single sign-on in Microsoft Intune. Based on that blog post I’ve got a lot of feedback of people mentioning that it was a great post, but that they would like to see the complete picture. That made me decide to create a step-by-step guide for a basic lab setup of Microsoft Intune and ConfigMgr with single sign-on. Starting today the complete series is online on windows-noob. I’ve sliced this guide in to the following four pieces: How to integrate Microsoft Intune and System Center 2012 R2 Configuration Manager with Single Sign-On – Part 1: Introduction and prerequisites; This first …

Read more

How to troubleshoot Windows Phone 8.1 enrollment via Microsoft Intune

In this blog post I want to put a spotlight on the troubleshooting of Windows Phone 8.1 enrollment in Microsoft Intune (with or without ConfigMgr integration). The problem with Windows Phone enrollment was that there was little to no log information about the enrollment process, but that has changed with Windows Phone 8.1. Before Windows Phone 8.1 there were only some log files (like the dmpdownloader) when the integration with ConfigMgr was used, but in most occasions they wouldn’t show helpful information. Starting with Windows Phone 8.1 this has changed and there is the ability to get some logging of the mobile device. It’s not an easy process, and probably not an option in every situation,  but it will help to verify the health of …

Read more

How to configure a relying party trust between on-premises AD FS and Microsoft Azure AD for single sign-on in Microsoft Intune

One of the things that is often requested by customers is to configure single sign-on for Microsoft Intune (with or without ConfigMgr integration). The main reasons for that request are simple, it’s to make the user experience better and to prevent the user from having different accounts and passwords. In this blog post I will show how relatively easy it is to federate on-premises Active Directory Federation Services (AD FS) with the Microsoft Azure Active Directory (Micorosoft Azure AD). The best thing about this is that after this configuration is done, all Microsoft Intune authentication requests will redirect to the on-premises AD FS. Also, in this post I will skip a few important steps (see prerequisites). I assume that those steps are more common knowledge. …

Read more