Export (0) Print
Expand All

Manage mobile devices with Microsoft Intune

Updated: December 12, 2014

Applies To: Microsoft Intune

Intune can help you protect and manage devices while allowing users to access company email, data and apps. Because it is cloud-based, you can administer devices from any supported web browser. You can use Intune to manage mobile devices including phones and tablets running Android, iOS, Windows Phone, and Windows RT operating systems. Computers running Windows 8.1 can be managed as mobile devices or as computers using the Intune client software.

Intune can manage mobile devices in a number of ways:

This topic assumes that Intune manages mobile devices alone without System Center Configuration Manager integration or Exchange ActiveSync.

Intune mobile device management supports the following operating systems:

  • Apple iOS 6 and later

  • Google Android 2.3.4 and later (includes Samsung KNOX)

  • Windows Phone 8.0 and later

  • Windows RT and later

  • Windows 8.1 computers

For a list of features, see Mobile device management capabilities in Microsoft Intune.

Before you can enroll mobile devices, you must prepare the Intune service by selecting the appropriate mobile device management authority setting on the Mobile Device Management page of the Administration workspace. The mobile device management authority setting determines whether you manage mobile devices with Intune or System Center Configuration Manager with Intune integration. This guidance assumes Intune is used without System Center Configuration Manager integration so the setting should be set to Microsoft Intune.

ImportantImportant
Consider carefully whether you want to manage mobile devices using Intune only or System Center Configuration Manager with Intune integration. After you set the mobile device management authority to either of these options, it cannot be changed again.

  1. In the Microsoft Intune administration console click Admin > Mobile Device Management.

  2. In the Tasks list, click Set Mobile Device Management Authority. The Set MDM Authority dialog box opens.

  3. Check the box and then click Yes to use Microsoft Intune to manage mobile devices.

Each mobile device operating system (for example Windows, iOS or Android) requires its own setup procedure. For example, to manage iOS devices, you need an Apple Push Notification service certificate to connect iOS devices with your Intune account. Similarly, to manage apps for a Windows RT 8.1 device, your company must get side-loading keys and a code-signing certificate. Other devices, such as Android, have no requirements.

After the Intune device management infrastructure is in place, devices must be enrolled to allow management and access to company resources:

  • Bring Your Own Device (BYOD) – Users enroll their personal devices using a Company Portal app or setting. An administrator must add users to Intune and assign licenses to allow device management. Each user can have up to five devices managed by Intune.

  • Corporate-owned Choose Your Own Device (CYOD) – (iOS only) The company provides one or more devices for employees to choose from while retaining administrative control of the device. These devices are owned and managed by the company and can be preconfigured for company policy from their initial setup.

  • Corporate-owned shared devices – Corporate-owned shared devices meet the need for devices such as point-of-sale machines, kiosks, or tablets shared by multiple students in a classroom. Shared devices can be user-less or assigned to a device enrollment manager.

    • Device enrollment manager devices – A special user account allows the administrator or her designate to enroll more than 5 devices. The admin or manager takes ownership and can manage the device, its policy and apps.

    • User-less devices (iOS only) –The administrator enrolls the device with a device certificate which restricts day-to-day users from modifying the device.

 

Enrollment type BYOD CYOD Shared device with manager account Shared device without a user account

Description

Personal device

Corporate-owned device for single user

Corporate-owned device managed using a manager account shared by many users

Corporate-owned user-less device used by many users.

Device’s user

Owner

Assigned user

No specific user

No specific user

Who enrolls

Owner

Administrator

Device Manager

Anyone

Who un-enrolls

Owner or administrator

Administrator

Administrator

Administrator

Who can reset

Owner or Administrator

Administrator

Administrator

Administrator

See Also

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft