Enrollment of +30 iOS devices to Intune



Looking for a piece of advice here :)

A brand new tenant, ready for enrolling +30 iPads. Here's the question:

iPads are company owned, some Apps deployed using Intune. How would you start the enrollment proces?

We have got all iPads in the IT dep. - Should we start them, login with a Apple ID for each iPad, download Company portal and management the devices through this?

Or - any smarter way? 

10 Replies

Is it preferrable using Apple Configurator?? 


Unfortunately there are no short cuts unless the devices are Apple DEP enrolled. And even if the devices were DEP enrolled then you would still need to factory reset the devices to move them from one MDM to Intune.

I wish I had better news but one of Intune's weak points is the time it takes to perform mobile enrollment.

Thanks for reply :) - so far so good.
There are no user affinity on the iPads - so I have been playing around with Apple Configurator, and configured Intunes backend to Apple enrollment.
It seems to be pretty straightforward to create the profile in Apple configurator and "Prepare" each device from that Macbook.
Am I on the correct path here:)?

The Apple Configurator is one way to go. It depends on whether you need Supervised mode on the devices. The Apple Configurator is extra hassle that you might not need.


If you don't need supervised mode then I would recommend installing the Company portal and enrolling the iPads directly.


You could also try writing an enrolment user guide and get the users to enrol their own devices. In my rollouts so far (I work as a consultant in this field), I usually see a success rate of between 50% and 75% for user self enrolment.


In the long term self enrolment is the right approach because it cuts the IT workload.

That makes sence - Im just a bit confused about the Apple ID to use then?
Should a Apple ID be created for each iPad then?

My advice would be to create an apple ID for each user using their work email address. That way you can recover the Apple ID password if you have to wipe and re-enrol the devices.


Some organisations use a single Apple ID across all devices but you have to be quite aggressive about blocking iCloud backup, or settings will bleed from one user to another.


Unfortunately Apple ID's and Google Play accounts are unavoidable nuisances for Mobile Device Management.

Thank you for your advice :)
The iPads are used wit no user affinity - so I might just create an account pr. device with device name?
That is a valid approach.



Been playing around with some devices now.

I think I will deploy the image using Apple Configurator..... So the device is Superviced?


- I need to lock down the devices, for example prevent App Store access. How is this done easiest?

I have tried to create som restrictions in Intune Configuration, but I dont believe its working when Company Portal isn't installed on the devices - am I correct? As far as I can see, I cant install Company portal when the device is deployed using Direct Enrollment (Apple Configurator).


I have created an Apple ID for each - and tred just to install Company portal an enroll the devices. But I dont seem to be able to lock dowm the devices enough afterwards.


Any help is greatly appreciated!



Nevermind - just needed some time for the configuration setting to kick in. :)

I actually guess its working as intended now :)


But comments are welcome