Enrolling iOS device through Company Portal App


As an alternative to enrollment with the Company Portal app, you can leverage the Apple Device Enrollment Program (DEP) or the Apple Configurator tool to bulk enroll the corporate-owned devices. However, in this post we will be describing the steps required to enroll the iOS devices through Company Portal App.

From your apple device (I am using iPhone4 for this demo), launch the App Store application


From the Search field, search for “Company Portal”, you should get the Microsoft Intune Company Portal as first option.


Press the GET button to download and install the Company Portal App

IMG_0002a IMG_0003

Once the installation is completed, you will see a new icon among your listed apps, Open the Company Portal App to launch it.


Press the sign In button to login


Key in the domain username, you may notice that the login page will be automatically redirected to your organizations branded login page to enter the username and password.

IMG_0004b  IMG_0004c

Notice that the company logo or brand name is displayed


After login is successful, the Company Access Setup wizard will start by displaying the Device enrolment and device compliance status. Press Begin to start the enrolment process.


The next couple of screens will show you the benefits and privacy features of enrolling the device.

Press continue twice to run through the information details of enrolling the device .

IMG_0006  IMG_0007

Press Enroll to initialize the device enrolment process


Press sign in to start the device enrolment process


The screen will then jump to the iOS internal management profile installation process. You can see here that the management profile for the domain (flanker) is verified and the same is signed by the Microsoft Intune service IOSProfileSigning.manage.microsoft.com.

To continue, press the Install button, and confirm when asked to Install Now.


The process will setup all the required management services and certificates


Once again the wizard will ask for one final confirmation. Press Install and Done when complete

IMG_0013  IMG_0014


IMG_0015  IMG_0016

Notice that the Company Access Setup displaying the Device enrolment and device compliance status as Successful

press Continue to proceed


Press Done at the company Access Setup Complete screen


The Company Portal App will display the enrolled device under My Devices. You will now have access to Apps and Device Information


pressing the device will display the details of the device enrolled.


The Intune administrator can view the enrolled device listed in the Intune admin portal as well.





iOS device management with Microsoft Intune

Microsoft Intune provides iOS and Mac OS X device enrollment to give access to company email and apps to iPhone, iPad and Mac users. Once users install the Intune company portal app, their devices can be targeted with policy using the Intune administration console.

Before you can manage iOS and Mac devices, you must import an Apple Push Notification service (APNs) certificate from Apple.

Steps to manage iOS and Mac devices with Microsoft Intune

Set up Intune: ensure that the mobile device management authority is set as Microsoft Intune.


Get a certificate signing request: This certificate allows Intune to manage iOS and Mac devices and establishes an accredited and encrypted IP connection with the mobile device management authority services.

1 DownloadRequest

click Download the APNs certificate request. Save the certificate signing request (.csr) file locally.


The .csr file is used to request a trust relationship certificate from the Apple Push Certificates Portal.

Get an Apple Push Notification service certificate: Go to the Apple Push Certificates Portal and sign in with your company Apple ID to create the APNs certificate using the .csr file.

3 Apple Portal

4 AppleLogin

Note: This Apple ID must be used in future to renew your APNs certificate.

Click on Create Certificate to submit the certificate request

5Create Cert

Click on Browse to locate the locally stored certificate signing request (.csr) file and then click Open


Cancel the. json file download notification


Refresh the page and you will find the newly created certificate listed under “Certificates for Third-party serversselect the Certificate you want to download and click Download

8Download Cert

Download the APNs (.pem) certificate and save the file locally. This APNs certificate file is used to establish a trust relationship between the Apple Push Notification server and Intune’s mobile device management authority.

9 Save Cert

Now we need to add the APNs certificate to Intune. click Upload the APNs certificate.

10 upload Certificate

Browse to the locally saved certificate (.pem) file and click Open and then enter your Apple ID. With the APNs certificate, Intune can enroll and manage iOS devices by pushing policy to enrolled mobile devices.

11 Upload

Once the APNs certificate is uploaded successfully, the Intune portal will show the status as “Ready for Enrolment



Now we can inform the users to get access to company resources through the company portal.

Please refer to the “Enrolling iOS device through company portal blog for enabling iOS device management. In this post, we will demonstrate how the end user is going to enroll their own iOS device with Microsoft Intune.


%d bloggers like this: