Jump to content


anyweb

Mobile Device Management with Configuration Manager 2012 R2 - Part 1. Integrating Microsoft Intune

Recommended Posts

Apologize for asking again....has really nobody an answer or an idea on this or is there anything missing in my post?

 

 

Hi,

 

First of all thank you for all These "how to" which did help me a lot. PERFECT!

 

I have Setup a small Network incl. Intune function with following Parameters:

 

AD/DNS/DHCP/GPO/Dir Sync Tool Server 2012 R2 = DC1.xy.com 192.168.110.10

ADFS Server 2012 R2 = AF1-xy-com 192.168.150.10

WAP Server 2012 R2 = PX1.xy.com 192.168.150.13

TMG Server 2008 R2 = FW1.xy.com 192.168.100.10

 

All Servers are behind the TMG and configured with Auto Proxy via AD helper.

 

Certificate has subject Name af1.xy.com plus DNS af1.xy.com and enterprise.xy.com

 

https://af1.xy.com/...signon.aspx is working perfect. My DNS has a host entry where Enterprise points to af1 IP address. As well my DNS registrar has a host entry where enterprise points to my public IP. Intune sync was activated and I can see all my users etc. DNS entry on my registrar is set as CNAME enterpriseenrollment Points to enterpriseenrollment.manage.Microsoft.com. WAP Publishing web appplication external and back end with af1.xy.com. TMG has a HTTPS Server rule forwarding "public IP" (DNS registrar Points af1.xy.com to public IP) to af1.xy.com. Access from Internet to htttps://af1.xy.com...signon.aspx working well.

 

MY PROBLEM(s):

internal Access to https://enterprise.xy.com/....signon.aspx is not working

Access enterpriseenrollment.xy.com brings the Login page and I enter a user like test@xy.com where the Service is "forwarding" it to enterprise.xy.com/...signon.aspx and this does not work. If I Exchange enterprise with af1 in the link it is working perfect. Where to Change the "forwarding" address?

 

Many thanks,

Markus

Share this post


Link to post
Share on other sites

Hi Niall

 

Quick question in relation to the intune user collection that is needed for intune ready users. Is it possible to create a global collection (Windows Intune users) and then create 2 more collections i:e staff and students and include these in the global collection, then populate the included collections accordingly with staff and students?

I ask simply because of cosmetic management from within the CM Console.

 

Thanks.

Share this post


Link to post
Share on other sites

Thanks Niall

I would like to think that it would work just like device collections do with included collections, not unless there may be some weirdness with the intune connector not liking it.

I will report back early next week when implementation takes place.....and sure if it doesn't work I guess I can populate the global collection with users and remove the included collections.... I hope :blink:

 

In the meantime if anyone else has tried this or has any thoughts on the proposed collection design as to why it may or may not work please do leave a comment.

 

Thanks

Share this post


Link to post
Share on other sites

I can't imagine why it wouldn't work, i mean it's just a collection after all, so go ahead, and try it

Share this post


Link to post
Share on other sites

Just reporting back... the included collections seem to be working fine ...when a user is added to say the staff included collection the cloudusersync.log states

Total received users to add from SCCM = 1 , Total successfully added users to cloud = 1. :)

 

Just have a query.....When you add users to this collection and they sync up as users allowed to enrol devices, are they supposed to have the windows intune tick box ticked in their accounts in the Intune management portal?

The reason I ask is that 2 users were manually licensed for intune using the intune portal before integration took place and these 2 objects have the tick box ticked. The user I added using SCCM does not have the box ticked, the intune trial license count still remains at only 2 used also. :blink:

Maybe it takes time?

 

Thanks

Share this post


Link to post
Share on other sites

you are either managed by Intune, or ConfigMgr not both, so users created in Windows Intune (before or after Windows Intune is integrated with Configuration Manager) will remain in the Windows Intune users group in the Intune Account Portal, however users synched via dirsync will not. Most if not all of your management after you've enabled Intune Integration should be in the Configuration Manager console.

Share this post


Link to post
Share on other sites

Hello!

 

I've been following your guides for a really long time now! Great work!

 

I have a problem with SMS_DMP_DOWNLOADER component.

My dmpdownloader.log is filling up with error codes

 

ERROR: GetMessages CommunicationException: [An error occurred while receiving the HTTP response to https://msub03.manage.microsoft.com/SCCMConnectorService/SccmConnectorService.svc. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details.] SMS_DMP_DOWNLOADER 21.10.2014 20:48:38 4600 (0x11F8)
Failed to call Download. error = No such interface supported SMS_DMP_DOWNLOADER 21.10.2014 20:48:38 2284 (0x08EC)
The problem with those errors went as far as me installing the whole configuration manager environment (yes, it's a lab environment). I've tried searching for answers but nothing relates to Configuration Manager so i am really stuck.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.