Anonymous
Jun 26, 2018
Intune Standalone Device-Based Certificate Issue
Can Intune Standalone deploy SCEP certs to devices? In my testing (and according to a recent ticket I opened), it appears standalone can only deploy user certs and that an Intune Hybrid setup is req...
alexander tikhomirov
Mar 15, 2019 | Brass Contributor
Hi, did you manage to get this approach to work?
alexander tikhomirov
Mar 26, 2019 | Brass Contributor
If I understand correctly, a Windows NPS server (as a RADIUS server) can't authenticate an Azure AD joined device to an access point even if a device-based cert was deployed to the client, because NPS can only check trust for domain-joined computers, not for devices that are only Azure AD joined.
- Mar 26, 2019
alexander tikhomirov, ah, good point. I'm not deep enough into NPS; there might be a limitation here...
- alexander tikhomirov | Mar 26, 2019 | Brass Contributor
Oliver Kieselbach, thanks for the article, but user-based certs are used in their solution:
"For a more immersive experience, machine certificates are preferred for use, subject to their availability in Intune"
- Mar 26, 2019
Hey alexander tikhomirov,
I don't think this is the case; AADJ can be used in the scenario. There are blogs out there that show a successful implementation of this scenario, like this one: https://blog.auth360.net/2018/10/12/windows-10-password-less-azure-ad-join-microsoft-intune-and-windows-hello-for-business/
best,
Oliver
- SRoach | Mar 26, 2019 | Brass Contributor
Incidentally, ours are iOS devices, so a somewhat different use case.