Intune PKCS Certificate not showing in Monitor > Certificates
When working with Intune to deploy PKCS Certificates from an On Prem Enterprise CA, we are not seeing the certificates issued to iOS/iPadOS devices within the Certificate Report. Windows issued certificates are showing fine however. We can confirm that the Certificate profile shows successful and the device actually has a certificate under Settings > General > VPN and Device Management > Management Profile > More Details. Is there something that I missed to be able to see the issued certs in monitor or is there something wrong with the reporting. Of note, we also see the iOS/iPadOS certificates in the succeeded folder on the certificate connector but no the Windows ones. Event Viewer also shows that the certificate was successfully issued and sent to Intune.
Intune PKCS Certificate does not get installed on Client
Hi, I am testing the deployment of a user certificate via Device Configuration Policy (Windows 10 - PKCS certificate). Now, the certificate is requested, and in the logs of the CA, I see that the PKCS request was successful. I can also see the requested certificate for the user on the Configuration Profile under "Certificates." Soon, I realize that the report shows an error without an error code, and the certificate is not installed. After waiting for a couple of hours, I notice that Intune reports success, and the certificate is installed. It seems that Intune retrieves the certificate very quickly, within a couple of minutes, but then cannot install it on the client immediately. Instead, it attempts installation again after a couple of hours, where it succeeds. The client remains connected to the network throughout. Is this normal behavior, or am I missing something?
Deploying PKCS Device Certificate on Android Device Administrator Enrolled Devices
Is it possible to deploy PKCS Device Certificates to Android Device Administrator enrolled devices utilizing AD CS and the Microsoft Intune Certificate Connector? I got it working with iOS/iPad devices, but our Honeywell devices are all Device Administrator enrolled (I've been told that they don't support Android Enterprise enrollment deployment configurations), and we are trying to deploy PAN GlobalProtect using device certificates for authentication. While trying to configure the PKCS certificate device configuration profile in Intune it appears to be missing the option for the certificate type (User vs Device). All the "Subject name format" and "Subject alternative name" options appear to be related to user certificates; Does this mean that we are only able to deploy PKCS User Certificates for Android Device Administrator enrolled devices? Does anyone happen to know if GlobalProtect would be able to use a user certificate for authentication? I understand that the device administrator enrollment method has been getting depreciated for a while, but I don't understand the reasoning behind this particular limitation. Reference: https://docs.microsoft.com/en-us/mem/intune/protect/certificates-pfx-configure#create-a-pkcs-certificate-profileAndroid PKCS
Hello. We have a problem with PKCS deployment to Android devices from Intune Standalone. It looks like Intune only pushes the ROOT certificate to the device. The pkcs policy is marked green and the certificate is generated on the CA server and the logs/files on the NDESConnector server is saying that upload and everything worked ok. i tried an older android os in the NOX emulator, on this device i get notices that i have security credentials to import. one for the ROOT and one for the USER certs. Is it even possibleto deploy a pkcs cert to android devices? How did you configure the policys in order to get it to work? i have tried to change almost everything in the policy but cant get it to work. And all internet guides aint giving me any good suggestions.
