Skip to main content

Intune

Description

Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). You control how your organization’s devices are used, including mobile phones, tablets, and laptops. Intune plugin has been designed to perform Intune tasks.

Prerequisites:

  • Create Intune instance with access details and Intune Credentials - On Azure Portal: https://portal.azure.com/

  • Create Credentials for Intune: Steps to generate Credentials (Tenant ID and Client ID and Client Secret):

    • Credentials for Intune include Tenant ID, Client ID and Client Secret.
    • Login to Azure AD with Global Administrator account type. Global Administrator account type can access all the managed content (Devices and Applications) APIs by creating an application.
      Use the portal (portal.azure.com) to create an Azure AD Application and Service Principal (Global Administrator) that can access resources. Note: the Tenant ID and Client ID of the Application.
    • Create a new Application Secret/Client Secret.

  • The following permissions are required:

Permission typePermission (from least to most privileged)
ApplicationDeviceManagementManagedDevices.PrivilegedOperations.All,DeviceManagementManagedDevices.ReadWrite.All

Refer Intune- Generate Client Credentials to generate Credentials and assign the permissions mentioned in the table above.

References

  • Manage Devices with Microsoft Endpoint: http://endpoint.microsoft.com/
  • Intune Device Enrollment: https://docs.microsoft.com/en-us/mem/intune/enrollment/
  • API Reference: https://docs.microsoft.com/en-us/graph/api/resources/intune-graph-overview?view=graph-rest-1.0
  • https://docs.microsoft.com/en-us/mem/intune/
  • https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-configure-app-access-web-apis
  • Supported operating systems and browsers in Intune
    https://docs.microsoft.com/en-us/mem/intune/fundamentals/supported-devices-browsers

Notes

  • The Plugin has been tested on Android and Windows devices
  • Remote lock operation is not supported by 'Windows' devices, so Remote Lock By Device ID/Username plugins are not applicable for Windows devices.
  • Device ID Type: 'Phone number' and 'IMEI' is only supported for cellular devices.
Last updated on