Integrate Apple Business Manager with Intune

Create the push certificate

You need an Apple MDM Push certificate to manage your iOS/iPadOS and macOS devices in Microsoft Intune. This token enables devices to enroll via the Intune Company Portal or ADE/ASM/AC2. Follow the steps below to create the Apple MDM push certificate and upload it to the Intune Portal. I’ve written a post on the renewal of the certificate; you can also use this post for the creation of the certificate. It is not that different and pretty easy to do.

Create the Apple Automated Device Enrollment Token

The prerequisite is now done, but before you can enroll iOS/iPadOS devices, you need an Apple Server Token (.p7m) file from Apple. This token syncs information from Intune to ADE devices that your corporation owns. It also allows Intune to assign enrollment profiles to Apple and to assign devices to those profiles.

Follow the steps below to create and upload the ADE token:

In Intune portal, select Devices – Enrollment – Apple – Enrollment Program Tokens

Click Add, tick the I agree box, click Download your public key and save this key on your device. The .pem file is used to request a trust-relationship certificate from the Apple Business Manager portal.

Click on Create a token via Apple Business Manager to open the Apple Business Manager portal for creating your ADE token (MDM server). Sign in with your company’s Apple ID in Apple Business Manager.

Click your name at the bottom of the sidebar – Preferences.

Then click “Add” to add MDM Server.

Name your MDM Server, tick the box Allow this MDM Server to release devices, upload the public key file you just downloaded and click Save.

Now download your MDM Server Token.

You will get a warning. You can ignore this because this is our first token; just click Download MDM Server Token and save the file on your device.

Now go back to the Intune Portal, fill in your Apple ID, upload the newly downloaded token, click Next and then Create.

When this is done you will get this screen.

Now your Apple Business Manager is connected to Intune.