As many Organizations are going towards Office 365 or are evaluating it, so we as Messaging & Collaboration Admins/ Architects should have understanding of both on-premise & off premise solutions.
Today I am getting into details about setting up MDM for O365..
Launch O365 admin center http://portal.office.com
- Click on Mobile Management
2. First of all you need to configure APN setting if you want to manage IOS devices.
3. Setup --> Configure APNs Certificate for IOS devices
4. Download the CSR file to your Computer & Click Next.
5. Click on Apple APN Portal link to redirect to Apple portal & login with your apple id.
Click Create a Certificate
7. Upload the CSR that you have downloaded to generate the Certificate.
8. Now new certificate for Push Notifications gets created, download it.
9. Now move back to Office 365 Portal & upload the certificate that you just created.
10. After installation is completed , you are done with o365 admin side steps.
You need to add two DNS entries as well:
EnterpriseEnrollment -CNAME -EnterpriseEnrollment.manage.microsoft.com
EnterpriseRegistration --CNAME --EnterpriseRegistration.windows.net
11. Now You need to setup Device security Policy by clicking Manage device security Policies & Access rules:
12. Here you get the option to change Organization wide settings
13. You can change the Manage Organization policy setting to Block if you don't want unsupported devices to access Exchange.
14. Now click plus sign & create a Policy/ target it to a security group ,add those members to the security group whom you want to manage from MDM.
15. Below are the example settings that I have done for my environment
16. After this is finished, policy will take some time to Turn on.
Now all the steps of enrollment needs to be carried on mobile device.
- You will receive a email on your device as below:
Click on the link --> get Started Now
2. Login to your office 365 account & Device enrollment will start, click Begin.
3. Click Enroll
4. In the Next step, click Install
4. Enter your pass-code
5. Click Install so that Profile can be installed.
6. Click on Trust & the enrollment is finished.
Now you will be again able to receive the emails on the Mobile Device.
Above steps are for Enrollment of Iphone 6.