Intune - Apple Automated Device Enrollment (ADE / DEP)

%3CLINGO-SUB%20id%3D%22lingo-sub-1404199%22%20slang%3D%22en-US%22%3EIntune%20-%20Apple%20Automated%20Device%20Enrollment%20(ADE%20%2F%20DEP)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1404199%22%20slang%3D%22en-US%22%3E%3CP%3EiOS%20devices%20are%20enrolled%20as%20fully%20managed%20(ADE%2FDEP).%20Enrollment%20program%20token%20has%20been%20renewed%20on%20time(prior%20to%20expiring).%3C%2FP%3E%3CP%3E%3CU%3EBut%20MDM%20push%20cert%20has%20expired%2C%20so%20a%20new%20cert%20was%20created.%3C%2FU%3E%3C%2FP%3E%3CP%3ENew%20none%20of%20the%20iOS%20devices%20are%20communicating%20to%20Intune.%20Last%20iOS%20devices%20sync%20was%20prior%20to%20the%20new%20MDM%20push%20cert%20creation.%3C%2FP%3E%3CP%3EAny%20suggestions%20to%20fix%20this%20situation%20without%20resetting%20the%20device%3F%3C%2FP%3E%3CP%3EThanks.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1404199%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1404697%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20-%20Apple%20Automated%20Device%20Enrollment%20(ADE%20%2F%20DEP)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1404697%22%20slang%3D%22en-US%22%3EIf%20your%20MDM%20push%20certificate%20was%20expired%2C%20the%20only%20solution%20is%20to%20re-enroll%20all%20devices.%3CBR%20%2F%3EThere%20is%20no%20other%20solution%20unfortunately.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1405030%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20-%20Apple%20Automated%20Device%20Enrollment%20(ADE%20%2F%20DEP)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1405030%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F186539%22%20target%3D%22_blank%22%3E%40Thijs%20Lecomte%3C%2FA%3E-%20Thanks%20for%20the%20prompt%20reply.%20They%20are%20fully%20managed%20with%20restriction%20to%20un-enroll%20%2F%20remove%20company%20portal.%20Is%20there%20a%20way%20to%20re-enroll%20without%20factory%20reset%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1405321%22%20slang%3D%22en-US%22%3ERe%3A%20Intune%20-%20Apple%20Automated%20Device%20Enrollment%20(ADE%20%2F%20DEP)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1405321%22%20slang%3D%22en-US%22%3EI%20just%20checked%20some%20documentation%2C%20but%20there%20seems%20to%20be%20no%20other%20way%20(cfr%20%3CA%20href%3D%22https%3A%2F%2Fsupport.jamfnow.com%2Fs%2Farticle%2FRe-enrolling-a-Managed-Device-Using-Automated-Device-Enrollment%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsupport.jamfnow.com%2Fs%2Farticle%2FRe-enrolling-a-Managed-Device-Using-Automated-Device-Enrollment%3C%2FA%3E)%3C%2FLINGO-BODY%3E
New Contributor

iOS devices are enrolled as fully managed (ADE/DEP). Enrollment program token has been renewed on time(prior to expiring).

But MDM push cert has expired, so a new cert was created.

New none of the iOS devices are communicating to Intune. Last iOS devices sync was prior to the new MDM push cert creation.

Any suggestions to fix this situation without resetting the device?

Thanks.

3 Replies
If your MDM push certificate was expired, the only solution is to re-enroll all devices.
There is no other solution unfortunately.

@Thijs Lecomte- Thanks for the prompt reply. They are fully managed with restriction to un-enroll / remove company portal. Is there a way to re-enroll without factory reset?