Hi everyone, today we have another post from Intune Support Escalation Engineer Mingzhe Li. In this post, Mingzhe goes through setting up and configuring NDES for SCEP certificate deployments in Intu...
Updated May 06, 2019
Version 3.0
Blog Post
9 MIN READ
Support Tip - How to configure NDES for SCEP certificate deployments in Intune
Notes:
The Service account made for the NDES server needs to login as service this is done through secpol.msc. No guide I have seen lists this its a very annoying thing to figure out. not salty a all.
The intune cert connector needs to be installed as admin or it will error out at the configuration state. Also very annoying to sort out.
WSUS GPO prevented me from adding roles and feature to the server. The solution is to mount the server iso and point the "add roles and features" installer at mounted iso. Don't waste time with registry edits and restarting services..
The Azure Gui has changed but still works and is more or less the same. TLDR in entra go to "app registration" and configure the app proxy, then search for "app proxy" (you won't find it by navigating entras maze of menus) and download the client to the server.