Configure Intune for device enrollment

- So I'm logged in to the Microsoft 365 device management center, ready to enroll devices. Firstly, you need to click devices from the favorites option, scroll down to device enrollment and click enroll devices. The first three options show you the types of enrollment that are available. Windows enrollment, Apple enrollment, and Android enrollment. For the Windows enrollment, you can see all the options are available and everything is more or less configured. If I click Apple enrollment, you'll see that there's a prerequisite that has yet to be completed and a series of grayed out options. If I click on Android enrollment, the same is true. There's a prerequisite and some grayed out options. In order for us to deploy a policy to or manage and iOS device, we first need to complete this prerequisite. So, we'll click Apple MDM push certificate. This will then give us a slide out option were you'll see the option is checked for us. I grant Microsoft permission to send both user and device. If you have never completed this step, you'll need to check that option. I can then click download the CSR, this is the certificate sign in request that is needed to create the Apple MDM push certificate. We then click create your MDM push certificate. Now this logs me directly into my portal because I'm already signed in. But if you haven't signed in, you'll need to then authenticate with an Apple ID. It list me my certificates that have been revoked but I can click create a certificate, choose a file, and browse to that CSR file that I just downloaded. Once that's completed, you'll see here that it's successfully created a certificate. Now, the next step is to download that certificate. So we click download and this will download the PEM file, which is my private keyed certificate that I need for MDM. If I click back, to the MDM screen, I then need to enter my user ID that I use to generate the certificate. So we're going to use my ADELV account. So this is adelv@m365n673702 Microsoft.com And then I'm then going to go and browse to that PEM file or PEM certificate, which is here, and select that. And you can see that's the downloaded file that I got from the Apple MDM portal. I'll then click upload and you'll see a process kicks off. Now, in the background, you will have just seen these become active. I'm going to close that window and close that one and now my Apple configuration is ready for enrolling Apple devices. Now, if I want to enroll Android devices, I have to do a similar process but this is really just about linking a Google account directly to Intune. So I'll click manage Google Play. It tells me it's not set up. I'm going to grant Microsoft permission and then I'll click launch Google to connect now. Now, you can see here that I have previously registered so I need to click re-enroll and this will take me through a re-enrollment process to add my account back in. Now, if you haven't completed this previously, you'll have to enter the credentials for your Google account and then accept it being connected to Microsoft Intune. So I can now close this one here. This will actually prompt me for discarded saves and you'll see that those options now become available. Now we are ready to actually enroll devices for Apple and Android, as well as Windows.