Here is the second part of my article on CEM integration with Microsoft Intune.

In this article I will explain the benefits and provide some videos of enrollment and application access.

First of all, if you followed my first article, you should have a configuration up and running; however, we still have some things to do.

Validate NetScaler Connection to Intune

  • To validate that your configuration is “good”, connect to your NetScaler over SSH and run the following command:
show oauthAction
  • Look for OAuth Status, which should appear as COMPLETED

Modify CEM / NetScaler configuration

As the enrollment of a device will use CEM for MDM and Intune for MAM, we need to make some configuration changes to ensure successful enrollment.

  • Connect to Citrix Cloud
  • Under Endpoint Management Service, click on Manage
  • Click on Manage Apps and Devices in Citrix Endpoint Management
  • Click on the wheel in the upper right to go to Settings
  • Click on NetScaler Gateway
  • Click on your defined NSGW and select Delete
  • Click on Delete to confirm

Enroll a Device

Before enrolling a device, let’s review the applications:

  • As you can see, there are 5 applications defined
  • The question here is: why do I not see the Public App Store applications?

In fact, those 4 applications are in the Library in CEM, and to validate access to those applications, the user credentials are verified on Azure.

To be able to assign users to the published applications, we need to install Azure AD Connect on 1 domain controller on the internal network.

Install Azure AD Connect

Azure AD Connect can be downloaded from this link

  • Click on Download
  • Click on Run
  • Accept the license agreement and click on Continue
  • Click on Use express settings
  • Provide Azure AD global administrator credentials and click on Next
  • Provide your password and click on Sign In
  • Provide AD DS enterprise administrator credentials and click on Next
  • Click on Install
  • Click on Exit

Validate AD Sync

To validate that everything is working correctly and that users from the on-premises AD are synchronized in Azure, we need to connect to Azure and go to Azure Active Directory > Users

  • As you can see above, my local AD user arnaud.pain@arnaud.biz has been created in Azure AD.

Assign applications to users

Now that the connection and synchronization between the on-premises AD and Azure are done, we can assign applications to users.

  • Connect to your CEM Cloud account and go to Library
  • Select an application, click on the menu and select Manage Subscribers
  • Type a few letters to find the group and click on it
  • As soon as the group is added and shown as Subscribed, click on the cross on the top right
  • Do the same for the remaining applications

Validation

That is it for part 2.

Part 3 is coming soon with more details and information on testing.

Stay tuned!