Microsoft Intune introduced High Available (HA) support for SCEP/PFX Connector

Since December 2017 Microsoft Intune introduced support for multiple active SCEP/PFX connectors per tenant in order to provide high availability for certificate handling.

Initially the Microsoft Intune SCEP/PFX connector didn’t provide support for high availability. The SCEP/PFX connector could be installed as an single instance with no option for multiple active connectors.

Microsoft Intune SCEP-PFX Connector
Microsoft Intune SCEP/PFX connector support multiple active connectors per tenant.

Continue reading “Microsoft Intune introduced High Available (HA) support for SCEP/PFX Connector”

Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting

In a diptych I’m sharing my experiences, common practices and challenges of implementing Microsoft Intune PFX connector as certificate deployment mechanism in the enterprise.

IntunePFX

In my first blog post I covered the basics of implementing a certificate deployment infrastructure based on Microsoft Intune PFX connector. Explained the differences and considerations whether to choose SCEP or PFX as your certificate deployment solution. And explained the certificate issuing workflow. In this second post I’ll go in more detail of the anatomy of the Intune Certificate Connector, setup. Explaining the renewal and revocation process(flow) works. And lastly I give you some pointers where to start your journey, in case of troubleshooting certificate deployment issues.

Part 1 – Deploying Microsoft Intune Connector in an Enterprise world: common practices

Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting

Continue reading “Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting”

Part 1 – Deploying Microsoft Intune PFX connector in an Enterprise world…common practices

Last year I had the change to implement PFX certificate infrastructure for a large enterprise customer. Occasion of the project was a migration of Citrix XenMobile (XDM) to Microsoft Intune as strategic mobile device- and application management solution.

microsoft-intune-pfx-connector-architecture-overview
Microsoft Intune PFX connector certificate deployment architecture.

In a series of blogposts I’m sharing my experiences, design decisions, common practices and challenges of implementing Microsoft Intune PFX connector as certificate deployment mechanism in an enterprise environment.

Part 3 – Deploy certificates to mobile devices using Microsoft Intune NDES – Deployment

In the first two blog posts I covered the theory how deployment of certificates works to mobile devices using Microsoft Intune NDES connector followed by setup and configuring the connector.

In this third blog – part 3 – I’ll outline the depoyment of both Trusted CA Certificate Profile and SCEP Certificate profiles to mobile devices.

Continue reading “Part 3 – Deploy certificates to mobile devices using Microsoft Intune NDES – Deployment”

Part 2 – Deploy certificates to mobile devices using Microsoft Intune NDES – Connector

In part 1 of this blog series I provided some background and highlevel overview how the proces of deploying certificate profiles to devices works with Microsoft Intune.

In this second blog – part 2 – I’ll outline the setup and configuration of the Microsoft Intune NDES connector. As starting point, we assume that you have already installed a Certificate Authorithy (CA), NDES server and an active Microsoft Intune subscription.

Continue reading “Part 2 – Deploy certificates to mobile devices using Microsoft Intune NDES – Connector”

Part 1 – Deploy certificates to mobile devices using Microsoft Intune NDES – Overview

With the recent updates of Microsoft Intune it is possible now deploying certificate profiles using Network Device Enrollment Service (NDES) to mobile devices.

In this blog series I’ll cover the different aspects of certificate enrollment proces by using Microsoft Intune (standalone).

Overview

Before going in details about NDES and hereby an brief overview of how NDES process works in relation to Microsoft Intune.

Microsoft Intune Standalone NDES

Continue reading “Part 1 – Deploy certificates to mobile devices using Microsoft Intune NDES – Overview”