How to Integrate Windows Intune with SCCM 2012 SP1


As Mobile Device Management product windows Intune can integrate with Sccm 2012 sp1 to manage the mobile devices using the SCCM console. Also Windows Intune can operate via internet without the SCCM integration as well. Anyway the below steps give you and Idea how to integrate SCCM 2012 SP1 with Windows Intune.

1- Open the SCCM 2012 SP1 Management console and go to Administration> Hierarchy Configuration> Select the Windows Intune Subscription > Right Click on it and Select Create Windows Intune Subscription as indicates in below screen.


2- On the getting started menu Click Next


3- On the Windows Intune Subscription Page you have to logging to windows intune account which you already have. Click Singing and key in the account details. Then SCCM server will connect with your intune portal.

Note- Make sure you already have a Windows Intune account created. If not create a free 30 days Trial using your Hotmail, Live or using any of your Microsoft account etc.


4- Once it successfully connected to windows intune portal and it will enable you to select the option for you to Allow Configuration Manager console to manage the mobile devices.

Make a note that once you enable this option you cannot change it back. The settings will configured in intune portal and there is no way to change the Mobile Device Management Authority here after.


5- Once you enable the Mobile device management using sccm option then Click Next to Continue.

6- On the General Configuration page you can specify the user collection whose members be able to enroll their devices for management. Also the Site code which you use in the SCCM have to select from the drop down list under Configuration Manager Site code.

In addition to that you can Type your Company Name and its details as you want. Whatever changes you do will effect for you company portal. When user logged in to the intune company portal to download their applications they will see these details.


7- Click Next on the Summary Page.


8- Click Close button to complete the integration of Intune.


9- After the successful integration of SCCM 2012 SP1 with Windows Intune then you have to add the site system role.

Go to Administration > Site Configuration> Servers and Site System Roles> Select the Management server> Right Click on it> Select Add Site System Roles.


10- Click Next on the General Page


11- If you have a proxy and if you access the internet through Proxy server then key in the details under Specify Internet Proxy Server settings page. If no proxy in your environment just click next to continue.


12- On the role selection page Select Windows Intune Connector and Click Next to continue.


13- On the summary page verify the settings you have made for this configuration and Click Next to Continue.


14- Click Close button to complete the Intune Connector role adding process as follows and make sure it’s successfully added.


15- After the integration you have to add the Distribution point for windows intune users. In this case you have to add as your DP. In this setup you don’t need to add IIS, PXE or any just skip all those and add the DP ( only as follows.

Select Site Configuration > Sites > Create Site System Server


16- Type the MANAGE.MICROSOFT.COM as you site server under Name column of the server and select the Site Code and Click Next.


17- Click Next on the Proxy settings. If you access internet via proxy then key in the settings for it.


18- On the System Role Selection Page Select the Distribution Point as follows and Click Next to continue the installation.


19- As I mentioned to you earlier you don’t need to worry about adding IIS, PXE or any setting in next steps. Just skip all and continue clicking Next button until you meet the completion of adding DP. Even if you select IIS no harm at all. The reason is we are using MANAGE.MICROSOFT.COM as the DP for Mobile Device Management.

20- After the completion of the above steps now you can manage your iso, WP8, Android and Windows RT devices via SCCM console. To configure the Mobile settings you can Right Click on Windows Intune Subscription and > Properties> Enable the Mobile devices you want to manage.

In the following example gives you an idea of it.


In my next article I will show you how to add the Apple Device to Intune and the way you can manage it.


How to Add a Trial Certificate to Manage Windows Phone 8 using Windows Intune

If any of you want to try out how to manage Windows Phone 8 using SCCM 2012 SP1 + Windows Intune, then you all need to get the Code Singing Certificate and the Company Portal App as indicates in following screen.



With Reference to Microsoft Article:

The Support Tool for Windows Intune Trial Management of Window Phone 8 enables Microsoft System Center 2012 Configuration Manager administrators to enable Windows Phone 8 Device management during the Intune Subscription trial period. This downloaded support tool includes a script which populates a sample Application Enrollment Token in the Microsoft System Center 2012 Configuration Manager environment, a sample Windows Phone 8 Company Portal app, and two sample applications that can be used for WP8 software distribution scenarios.

You can download the tool from the below link.


to Setup follow the below steps.


1- System Requirements

Supported Operating System:

x-Windows Server 2008, Windows Server 2012

x-System Center 2012 SP1 Configuration Manager with Windows Intune Subscription


2-Install Instructions

    After downloading the MSI,

    1. Create an Intune subscription in the System Center 2012 Configuration Manager SP1 console and leave WP8 disabled
    2. Create SSP.XAP (included in the msi) as Application within the Configuration Manager console
      • Deploy this application to cloud DP ( targeting cloud managed users
    3. Enable management of WP8 devices
      • Open command prompt and run the script ConfigureWP8Settings.vbs in query mode to get Company Portal name
        cscript ConfigureWP8Settings.vbs <server> QuerySSPModelName
        where <server> is server name for top level site (standalone site or CAS)
        The result looks like this "ScopeId_D863212F-F5D5-48EA-9C42-1CC6C0DDA03A/Application_95ac8248-d8fe-4686-9c16-e0a2fb0fe256". This will be used in the next step.
      • Run the script ConfigureWP8Settings.vbs in save mode with SSP name. This will populate the necessary certificate information to enable Windows Phone 8 device management
        cscript ConfigureWP8Settings.vbs <server> SaveSettings <Company Portal name>
        where <Company Portal name> is the output from the earlier step.
    4. After completion of the steps above, administrator can verify that WP8 device management is enabled. Admin can verify by going to Intune subscription properties, WP8 tab. WP8 should be enabled, certificate should be present, and company portal app should be populated with whatever app the admin selected in step 2.
    5. Deploy the sample apps provided in this package as appropriate
    6. Users will now be able to enroll their WP8 device and could browse the deployed sample apps in their SSP.

How to Configuring System Center Configuration Manager 2012 Boundaries

Computers are assigned as clients to Microsoft System Center Configuration Manager 2012 SP1 sites according to the boundaries configured in the Configuration Manager console. Boundaries are defined by Internet Protocol (IP) subnets, Active Directory site names, IPv6 Prefix, or IP ranges.

When creating Configuration Manager 2012 SP1 boundaries, you must also specify the type of network connection that the boundary will operate on.

1-To add a new boundary

1. In the Configuration Manager console, navigate to System Center Configuration Manager / Administration / Overview / Hierarchy Configuration/ Boundaries. Right click Boundaries and select Create Boundary.


2. On the Create Boundary properties page, enter the following information:

· Description

· Type

· Active Directory site name


2- To add a new boundary group

1. In the Configuration Manager console, navigate to System Center Configuration Manager / Administration / Overview / Hierarchy Configuration/ Boundary Group. Right click Boundary group and select Create Boundary Group.


2. In the General Tab, Key in the Group Name and click on Add for First Site Name from Active Directory.


3. Click on References Tab and then Check on Use the boundary group for site assignment and then click on Add from here you can specify Connection either Fast or Slow Connection.


4- To modify a boundary

1. In the Configuration Manager console, navigate to System Center Configuration Manager / Administration / Overview / Hierarchy Configuration/ Boundaries. Right click Boundaries and select Properties.

2. Modify the site boundary information as required on the boundary properties General tabs.

5- To delete a boundary

1. In the Configuration Manager console, navigate to System Center Configuration Manager / Administration / Overview / Hierarchy Configuration/ Boundaries.

2. In the console results pane, right-click the boundary name that you would like to delete and click Delete.

3. Confirm that you want to delete the boundary by clicking Yes on the delete confirmation dialog box.