BRP Intune: iPhone Device Enrollment
Intune iOS Device Enrollment
Baldwin Risk Partners
Table of Contents
1. Introduction.
2. Enroll with iPhone.
3. Signing into Outlook on iPhone.
4. Installing available app on iPhone.
The purpose of this document is to walk through how to enroll an iPhone device into Microsoft Intune, sign into Outlook, and install an Intune available app.
2. Enroll with iPhone
Step
Image
Navigate to App Store and search for “company portal”. Select the app called “Intune Company Portal”
After on the Intune Company Portal app page, click on the “Get” button. It will have the cloud download button if you have downloaded it before, or “Open” if you already have it downloaded.
Once the app is finished downloading, the “Get” or cloud button will say “Open”. You can either click on the open button or navigate to your home screen in find with the app was downloaded. Once you have opened the app, it will take you to the screen below. Click the Sign In button.
This will take you to a Microsoft sign in page. Enter your BRP provided email address in the text field and click the Next button.
After you hit next, it will redirect you to the Okta sign in page.
Enter your username and password. This will be the same username and password you use to log into Okta on your workstation. Check the “Remember me” check box then click Sign In.
This will redirect you to the Okta MFA page. Click on “Send Push” button. This will push a notification to the phone you have Okta Verify set up on. If this doesn’t work, you can choose the “Or enter code” link below to enter the code from your Okta Verify app manually.
Once you have clicked the “Send Push”, the button will gray out and you should get a notification to your phone like the image below. You can either click on the notification or navigate to the Okta Verify app on your phone to accept the push.
After you have clicked on the notification, it will take you to the Okta Verify screen. The screen should ask you to verify that it was you that was attempting to sign in. Verify that the information it’s displaying is correct then click on “Yes, It’s Me”.
After clicking the confirmation above, it will take you to the number verification step. It will present you with three numbers. You will need to switch back to the Company Portal app to see what number is being displayed.
If you swipe up from the very bottom of your phone, it should bring up the list of your open apps with the Okta Verify app being on top like the image below. Click on the “Comp Portal” app.
Once you have switched back to the company portal app, there will be a number displayed on the screen that you will need to remember. Once you have that number, switch back to the Okta Verify app using the same process as above.
You will swipe up from the bottom of the screen to bring up your open apps. This time the Company Portal app will be on the top of the list. Click on the Okta Verify app to open it. Then click on the number that was displaying in the company portal app.
Once it confirms the number is right, switch back to the Company Portal app by swiping from the bottom of the phone to view open app list then click on Comp Portal.
The company portal screen will show that it’s signing in to Microsoft Office 365.
After it signs in, it will take you to access set up screen for Intune. Click on the “Begin” button at the bottom of the screen.
After click Begin, it will take you to the Device management and your privacy screen. This screen shows what we can and can’t do/see on your device. Click Continue after reading.
This will take you back to the set-up screen and show that you have reviewed the privacy information with a green check mark. Click on Continue.
It will take you to a screen that will ask you to download a configuration profile. This is needed for device management. Click on “Allow”
Once the download is complete, it will give you a promote showing it has completed. Click Close.
Once back on the Set up screen, click on the continue button at the bottom.
We will now need to install the management profile that was downloaded in the previous step. The screen will show you the instructions on how to do this. I will also have instructions below for this.
To install the management profile, you will first need to go back to your home screen and find your settings Icon. It should be a gray icon with a gear. Click on settings.
Once you are in your settings, click on “General”. It should have a gear icon.
In General, click on “VPN & Device Management” button.
In VPN & Device Management, click on the Management Profile button under Downloaded Profile.
This should take you to a Install Profile screen. Click on the Install button at the top right corner of the screen.
It will ask you to enter your phone passcode. Enter the code that you use to get into your phone.
Once back at the install profile screen, click “Install” at the bottom of the screen.
Read over the Root Certificate and Mobile Device Management information then click on “Install” at the top right of the screen.
When the promote for Remote Management comes up, click on Trust.
Once the installation is complete, it will show a Verified green check mark under the “Signed by” section. Click Done in the top right.
You will need to switch back to the Company Portal app. Swipe up from the bottom of the screen to view the list of opened apps. Click on Comp Portal
Once back on the company portal app, you should have a green check mark next to Install management profile. Click on Continue.
It will check your device settings to ensure they are in compliance with our security policies within Intune. If your device doesn’t meet minimum device requirements, please reach out to the helpdesk to have them assist with what needs to change to bring your device into compliance.
During this process, it will auto install any necessary applications or convert any already installed apps that are in the list of managed apps to be managed. If the app is already installed, you will get a prompt to allow BRP to take management of the app. Below it shows that it wants to manage Microsoft Outlook. Click on Manage to move to the next required app.
If the app isn’t installed, it will ask you to install the app. Click Install to move to the next app.
Once all required apps have installed or been converted to managed, it will go back to the Check Device settings screen to continue checking your device. You will see a blue loading bar at the bottom of the screen to show the progress.
Once it’s done checking your device, it will take you back to the set-up screen and show that your device is all set with all green checks. Click on Done at the bottom of the screen.
After clicking done on the set-up screen, it will take you back to the main Company Portal screen to show you the available apps. Your device is now enrolled into Intune.
3. Signing into Outlook on iPhone
Step
Image
Navigate to the Outlook app, Enter your BRP provided email address and click Add Account.
It will redirect you to the Okta sign on page, enter your Okta username and password, check “Remember me”, then click Sign In.
Click on “Send Push” button.
After click send push, you will get a notification to your phone for Okta Verify. Click on the notification. If you don’t see the notification, go back to your home screen and click on the Okta Verify app. There will be a notification within the app you can click on.
Once you have clicked on the notification, verify the information on the sign in verification screen is correct then click on “Yes, It’s me”
This will take you to a number verification screen. There will be three numbers to choose from. You will need to switch back to Outlook to see what number is being displayed.
Swipe up from the bottom of your phone screen to show a list of open apps, select Outlook.
You will find a number being displayed on this screen, remember this number and switch back to the Okta Verify app.
To switch back, swipe up from the bottom of the screen to show the list of opened apps. Click on Okta Verify. Once there, select the number you saw on the outlook screen.
Once you have selected the correct number and Okta has completed verification, switch back to the outlook app. You will see a screen that says “Signing in to Microsoft Office 365”.
Once it is done signing you in, you might get a prompt notifying you that the organization is now protecting the data in the app. Click on OK.
You should now be logged into outlook mobile with your BRP email. It will show “Updating…” at the bottom of the screen while it downloads your emails from the server. If you were unable to get signed into outlook, please contact our Helpdesk for assistance.
4. Installing available app on iPhone
Step
Image
After Company Portal has been set up, it will take you to the Apps screen within the company portal app. Here you can install any other apps you may need that are managed. Such as Tableau or Workday. You can click on “View all apps” link next to Recently published to view all managed apps.
Once you are the list of apps, you can search for and select any app you may need to install.
Tableau Mobile for instance is one of the apps being managed but not automatically installed on managed phones. Once you have selected Tableau Mobile from the previous screen, it will take you to a screen to install it. Click on the install button.
Once you have selected to install an app, it will take you to a screen showing that the installation is pending and to go to the home screen to check the progress. Navigate back to your home screen.
It might take a minute or two, but you will get a pop up asking you to install the app you selected to install. In this case, it’s asking me to install Tableau Mobile. Click Install.
You should see the app starting to install on your phone. Once it’s done installing, you will be able to use it.
