1. Home
  2. Training Library
  3. Microsoft 365
  4. Microsoft 365 Courses
  5. Enrolling Apple Devices in Microsoft 365 via Intune

Configure MDM Push Certificate Demo

Start course

In this course, we review the enrollment options available and processes to follow for enrolling Apple devices such as iPhones, iPads, and Macs in Microsoft 365. We look at some prerequisites and the options available for enrolling each type of device. We also work through a few hands-on demonstrations.

Learning Objectives

Understand the enrollment options and procedures for enrolling different Apple devices in Microsoft 365.

Intended Audience

  • Anyone who wants to earn a Microsoft 365 certification
  • Anyone who needs to enroll devices in Intune and Mobile Device Manager within Microsoft 365


You will require a basic understanding of Mobile Device Management in Microsoft 365.


Hello and welcome back. What we're going to do in this demonstration here is walk through the process of setting up the MDM certificate, so that end users can enroll their iOS devices and iPad iOS devices. Now, on the screen here, I'm logged into the Microsoft Endpoint Manager Admin Center, which is located at endpoint.microsoft.com. I'm logged in as my Global admin for my fictional Berks Lighting organization here. 

And to get the ball rolling here, what we're going to do is browse to Devices in the left navigation pane here. And from this navigation pane, we go to the Devices overview screen. And then from here we can manage devices by platform, we can manage device enrollment, provisioning, different policies. To set up our MDM certificate, what we're going to do is go into Enroll Devices here. And this takes us to the Enrolled Device's pane, where we can configure Windows enrollment, Apple enrollment, Android enrollment, and then we can select some other options here as well. Since we're setting this up for our Apple devices, we're going to select Apple enrollment here. 

And once we do that, we can see since we haven't met the Apple MDM push certificate, prerequisite yet, this chick lit here is highlighted. The other enrolment options here are not because we can't do anything without this prerequisite met. So, what we'll do here is we'll select the push certificate option, then you'll see here we have some information we have to provide, it's really a step-by-step process. Basically, we first have to grant Microsoft permission to send information to Apple. So, we'll go ahead and do that. And the second option here is to download the Intune certificate signing request because this is required to create the certificate in the Apple portal, which we'll do momentarily. 

So, we'll go ahead and download our CSR. And what we'll do here is we'll open this up. So, that's our CSR there. I'm going to drag this off-screen here for now. So, we've downloaded our CSR, and now what we have to do is create the Apple MDM push certificate. And to do that, what I'll do is I'll open the Apple portal in a new tab here. I'm already logged in my Apple portal as admin@berkslighting.com. Registration for this portal is free. Had I not had an account in the portal, it would have asked me to sign up. But since I'm already signed up I have an account, it just takes me right to the creative certificate start point. So, what we're going to do here is create a certificate and we're going to agree to the terms of use. 

So, now what we'll do here to create our new push certificate is choose the CSR we just downloaded. And it's just showing a three here because I've downloaded a few of these in the past before I clean things up. Normally, this will just say Intune CSR, but we'll go ahead and open it and upload it. So, at this point we get confirmation that the new certificate was created and we'll go ahead and download it, then we'll switch over. And then what we'll do here is we'll provide our login information. 

And what this is going to do is it's going to take my Apple ID and associate it with the certificate that we've pulled down just to make sure they match, so we'll go ahead and browse to it. And then we upload it. We can see that we get the green check mark, the push certificate was successfully created. And then what we'll do here is we'll close this out, and we can now see our enrolment methods and targeting have all become enabled. So, at this point, we've successfully added our MDM push certificate in the Microsoft Endpoint Management Admin Center. So, we'll call it a wrap for now and I'll see you in the next demonstration.


About the Author
Learning Paths

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.