You’ll find the initial part of getting Mobile Device Management (MDM) working with Office 365 here:
The end result was that I had ended up with the following error:
As a reader of this blog pointed out to me on Yammer (yeah Yammer!),
What I had overlooked was the above, highlighted text. I couldn’t apply the policy to an individual user I needed to apply that to a security group. Ah ha! Thanks for the keen eyes there.
So I went off and created an Office 365 Security group and then added the appropriate user to that group AND THEN added that group to the policy and voila, no more errors in my policy!
After a little while (<5 mins) I receive the following message on my iPad that is already using that account.
Interestingly, that message does not appear in OWA via the browser.
I now select the Enrol your device link and I’m taken to:
Where I’m prompted to install the Microsoft Intune Company Portal, on my device.
I’m then prompted to login to my Office 365 account as the user in question.
So now the Microsoft Intune Company Portal app launches and I see the above screen. I select Enrol to continue.
I now get taken to the device settings and prompted to Install.
I note that Office 365 will now be able to remotely manage my iPad, which is what I want so I select Install to continue.
Shortly I see my device is enrolled. Yeah!
If I now return to my Office 365 admin console and refresh the Mobile Devices page I see the above. My iPad now appears as a managed device. Job done.
All in all this is a pretty simple process. The trick that that managed users need to reside in an Office 365 Security group before they can have the mobile device policy applied to them.
I will need to dig into all the options and better understand what is happening behind the scenes but gotta say I am pretty impressed at how easy the process of enrolling a device. Now I’m off to try a few other devices.