How to link an Apple Business Manager account with Microsoft Intune

Overview

Linking Apple Business Manager (ABM) with Intune allows you to enrol corporate devices into Intune effortlessly. This article guides you through how to:

  • Get an Apple Device Enrolment token.
  • Sync managed devices to Intune.
  • Create an Enrolment profile.
  • Assign the Enrolment profile to devices.

Prerequisites

  • D-U-N-S Number
  • Apple Business Manager account.
  • Devices purchased in Apple Business Manager or Apple's Device Enrolment Program.
  • Set the mobile device management authority.
  • Get an Apple MDM Push certificate.

Create an Apple Business Manager account

To create an Apple Business Manager account, you first need to acquire a free D-U-N-S Number. Follow this guide to acquire a D-U-N-S Number and an Apple Business Manager account.

Link your Apple Business Manager to Intune

Set MDM authority to Intune

  • Go to the Microsoft Intune portal.
  • Under Device onboarding, go to Enrollment.
  • Go to the Apple tab.
  • Click on Enrollment program tokens.
  • Click on Add.
  • Click Agree.
  • Download the public key.
  • Save the file.
  • Go to Endpoint Manager.

Add mobile device management (MDM) servers

  1. In Apple Business Manager, sign in with an account that has the role of Administrator or Device Enrolment Manager.

  2. Click on Settings at the bottom of the sidebar, then click Device Management Settings below Organisation Settings.

  3. Click on Add MDM Server, then enter a unique name for the server.

  4. Upload the public key certificate file, then tap Save.

  5. Tap then tap Download Server Token.

  6. You must now upload the server token to a specific MDM solution. Consult your MDM vendor’s documentation to complete this step.

  7. Repeat steps one to five for any other MDM servers you want to add.

  8. Click on Download token from Apple.

  9. Download the server token.

  10. Go back to the Microsoft Intune portal.

  11. The Apple ID is the same as the one you use on the Apple Store.

  12. Select the Apple token.

  13. Click Next.

  14. Click Create.

  15. Go back to Enrol Devices.
  16. Go to Apple MDM push certificate.
  17. Note down the expiration date in a shared calendar so that the certificate can be renewed when it expires after 12 months. Otherwise, devices will stop communicating back to Intune. If the expiry date has passed by more than 30 days, all devices will need to be re-enrolled into Intune.
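
One way to watch the expiry date from step 17 rather than relying only on a calendar entry, as an added example that is not part of the original article: it reads the Apple MDM push certificate and the enrolment program tokens through Microsoft Graph and flags anything inside a warning window. It goes slightly beyond step 17 by also covering the tokens; the 30-day warning window, the `-Offline` switch and the sample values are assumptions, and it presumes the Microsoft.Graph.Authentication module is installed.

```powershell
# Added example: days remaining on the Apple MDM push certificate and on each
# enrolment program token. The warning window is an assumption, not a page value.
param(
    [int]$WarnDays = 30,   # assumed warning window in days
    [switch]$Offline       # use the constructed sample below instead of calling Graph
)

function Get-ExpiryStatus {
    param([string]$Name, [datetime]$Expires, [int]$WarnDays,
          [datetime]$Now = (Get-Date).ToUniversalTime())
    $expUtc = $Expires.ToUniversalTime()
    $days   = [math]::Floor(($expUtc - $Now).TotalDays)
    if     ($days -lt 0)          { $state = 'EXPIRED' }
    elseif ($days -le $WarnDays)  { $state = 'RENEW NOW' }
    else                          { $state = 'OK' }
    [pscustomobject]@{ Name = $Name; ExpiresUtc = $expUtc; DaysLeft = $days; State = $state }
}

if ($Offline) {
    # Constructed sample data, shaped like the Graph responses used below.
    $apns = @{ appleIdentifier = 'mdm-admin@example.com'
               expirationDateTime = (Get-Date).AddDays(12) }
    $dep  = @(@{ tokenName = 'Example-ABM-Token'
                 tokenExpirationDateTime = (Get-Date).AddDays(200) })
} else {
    # Read-only scope; the token list is served by the Graph beta endpoint.
    Connect-MgGraph -Scopes 'DeviceManagementServiceConfig.Read.All'
    $base = 'https://graph.microsoft.com'
    $apns = Invoke-MgGraphRequest -Method GET `
        -Uri "$base/v1.0/deviceManagement/applePushNotificationCertificate"
    $dep  = (Invoke-MgGraphRequest -Method GET `
        -Uri "$base/beta/deviceManagement/depOnboardingSettings").value
}

$report = @(Get-ExpiryStatus -Name "Push certificate ($($apns.appleIdentifier))" `
                -Expires $apns.expirationDateTime -WarnDays $WarnDays)
foreach ($t in $dep) {
    $report += Get-ExpiryStatus -Name "Enrolment token ($($t.tokenName))" `
                   -Expires $t.tokenExpirationDateTime -WarnDays $WarnDays
}
$report | Format-Table -AutoSize

# Non-zero exit lets a scheduled job or pipeline raise an alert.
if ($report | Where-Object State -ne 'OK') { exit 1 }
```

Run it with `-Offline` first to see the output shape; run on a schedule, the exit code gives a renewal alert that does not depend on someone reading the calendar.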