Це відео не доступне.
Перепрошуємо.
S03E16 - Deploying SCEP certificates to iOS devices (I.T)
Вставка
- Опубліковано 7 сер 2024
- Certificates! Nobody likes them, but they are more important than you'll ever want to admit. In this series of videos, the gang will dive deep into ways to deploy certificates via Intune.
In this episode, we show you how easy it is to create policies to deploy SCEP certificates to your iOS devices.
00:00 - Intro
01:17 - Create trusted certificate profile for iOS
docs.microsoft.com/mem/intune...
05:50 - Create SCEP certificate profile for iOS
docs.microsoft.com/mem/intune...
13:12 - iOS demo
16:47 - Wrap up
Visit our websites and social media for more or to get in touch with us
Steve Hosking - Microsoft MMD Team
/ onpremcloudguy
steven.hosking.com.au/
mvp.microsoft.com/en-us/Publi...
github.com/onpremcloudguy
Adam Gross - Microsoft MVP - Enterprise Mobility
/ adamgrosstx
www.asquaredozen.com
github.com/AdamGrossTX
mvp.microsoft.com/en-us/Publi...
Ben Reader - Microsoft MVP - Enterprise Mobility
/ powers_hell
www.powers-hell.com/
github.com/tabs-not-spaces
mvp.microsoft.com/en-us/Publi...
Jake Shackelford - Microsoft MVP - Enterprise Mobility
/ shackelfjaco
sysmansquad.com/author/jshack...
/ jacob-shackelford-a5bb...
Guys thank you for the series, really really appreciated from France. ✌🏿
Awesome work! The SCEP setup info is pure gold!
Thank you for all the videos, they're such a massive help
Highly recomendable, thanks for your videos, guys!
Awesome videos! We will use this.
Maybe an always on VPN with conditional access video? 🥳
Hi guys, thanks for sharing this video, very nice. Would it be possible to include some troubleshooting? Thanks
Great video series! It really helped! But.... I have not seen the mentioned episodes addressing CBA for iOS / Android using RADIUS. The topic was briefly mentioned in this episode, but I am not able to find any details on how to configure NPS policies to take advantage of CBA for Intune - non-domain joined devices.
Nice video
Hi Guys this is great demo - question - if using this method - how do we enable smime for outlook app on iOS ?
good video, do you have an videos showing creating a email profile that uses SCEP for authentication?
Hi guys, thank you for this great tutorial. I have setup a similar thing in my environment but something very strange is happening I noticed that each device has not just one SCEP cert issued to it but THREE! Any ideas?
Thanks for this great series of videos. Did you came across to deploy a user certificate to iOS for user to use it for VPN to connect to Microsoft RRAS/NPS? I can't get it to work. Do you plan to include something like this in your series?
Nevermind. I got it working finally ;). It wasn't the certificate template. It was that iOS supports PEAP only with Certificate and ms chapv2. I switched to EAP-TLS
Very helpful video. Have you guys done a video on setting up wifi profiles using SCEP certificates?
We don’t have a video on them yet I don’t believe. However I’m using them in prod today. What specifically do you need to know?
-Adam
@@IntuneTraining im trying to create an email profile that authenticates using a scep cert for o365 email, each time i configure a profile im still getting prompted for a password on the device even though the cert is installed.
Great video guys. The security group you used to assign the SCEP and Root certs too, was it device-based?
It is important to assign the root and SCEP Certificate profile to the same group type. Preferable the same group. Device and device or user and user
@@andreasrogge7920 thanks Andreas, really appreciate that.
Hi, Do you have a video on PKCS for IOS devices?
You Guys are the best! Just hit a Wifi roadblock on the iOS and while researching came across you guys. However where do we get the scep server url? Thanks so much!
The URL is in the Azure App Proxy App that you create for your NDES server. We have a video on setting up NDES.
@@IntuneTraining thank you!!!!
Hey guys i have around 100 ipads that dont have a primary user, how can i enroll them without a user? And how do i license those devices ?
Hi, Trying to deploy Android/ios SCEP cert for a Kiosk Device
I have tried specifying subject names but teh certificate is not being created
If we don't have SCEP or PCKS certificate and use UserName & Password in Device Configuration Profile --> Outlook Config settings --> Authentication method, getting password prompt every few hours is normal? or we should not get password prompt at all?
This is how it looks like on my side and i get password promopt on my Iphone every few hours
Username attribute from AAD User Principal Name
Email address attribute from AAD User Principal Name
Authentication method Username and password
SSL Disable
OAuth Disable
Exchange data to sync All data
Hello!
I was unable to retrieve the username of the device in the Common Name (CN) field of the certificate. Despite trying various variables, including the one you used, When I include /CN={{UserName}},E={{EmailAddress}}
in the SCEP profile, the CN field in the certificate is populated with the value of the variable rather than the actual username. I couldn't find a solution would you please help me?.
Can be deployed to iOS User enrollment devices?
Great video series! It really helped! But.... I have not seen the mentioned episodes addressing CBA for iOS / Android using RADIUS. The topic was briefly mentioned in this episode, but I am not able to find any details on how to configure NPS policies to take advantage of CBA for Intune - non-domain joined devices.