Hello Nick, First of all would like to really appreciated for the effort and time taken for adding such informative videos. Kudos !!!!!!

Great video! And thank you for the complete demo at the end!

In Enrollment type you selected User Enrollment at 10:17 but when you present your mobile for enrolling the device you are getting two option which is "Determined Based on User choice" so my question is like if the both enrollment type option is same like "User Enrollment" & "Determined based on user choice" ! please clarify that point.

Hi Nick, First of all, many thanks for the detailed video on the company portal - User enrollment for the IOS personal devices. I have few questions, Please clarify and your answers would be really helpful for me. In this video @13:22 is the stage where the managed apple id is created automatically for the user in Apple Business Manager after the user has signed with his Azure AD credentials during the enrollment process ? Also in this type of enrollment, i cannot use the store apps to add the applications to Microsoft Intune portal for app deployment ? is this true ? In this method of enrollment, Is apple volume purchase program is the only option for app deployment from Microsoft Intune to IOS devices ? If we can also use the VPP for this method of enrollment, Any video created from your end for using the Apple volume purchase program configuration in ABM and Microsoft Intune ? Say for example, if the user does have the few apps already installed in his mobile but those apps are supposed to pushed and managed from Microsoft Intune , At this stage, Do we need to ask the user to remove the apps from his mobile device before they enroll the devices to Microsoft Intune ?

Excellent upload as always. Thanks

Hi! thanks for the video! How would you setup the device so that it can be shared on a daily basis by frontline workers. Example: In the morning someone arrives at their job, takes the company owned iOS device and has to login with their corporate account so that the device is theirs for that period of time. Later that day when that persons shift is over, they logout, stored data is removed and when the next worker shows up, he can fill in his/her credentials and the device is theirs for the next period. Hope you can answer it!

Does the device show in ABM when you do user or device enrollment? I would say it will not. Interesting: 3:59

Thanks for his video it was very helpful... One issue I am having is, after I created the enrollment profile, is that when I try to enroll the IOS device I never get to the Access Wizard to show up.. It just brings me the Company Portal and shows me my enrolled devices (my ios device never shows as enrolled if I look using my laptop). Any tips? We have an E5 license

Great video. Is it necessary for me to turn on Federated authentication? I asked because I probably have a ton of users that created their personal Apple ID using their corporate email which will create conflict when I enable Federated auth in ABM. That will also affect my Apple MDM push certificate since the Apple ID used is not a managed apple ID. Any thoughts on how do I go about this scenario? Also, how do you handle corporate iOS devices that is already out in the wild for a while and we need to manage it with MS Intune? Can I still use company portal and use device enrollment? Thank you so much for your help.

Hi T-Minus! Great videos. Can you give me some advice on how to lock down company iOS devices so that user will be forced to use Exchange Contacts exclusively? Or maybe even forced to use iOS contacts via a managed Apple ID?

Solid video man!!

Explained very well☺️.I have a question here , you mentioned we can create a conditional access Policy to redirect users to install company portal.Can you pls guide on this .. !!

Great Video!

Great video. Can you please explain or record how you would deploy or create a profile for devices that are ADE for Kiosk use? Thank you

Hi teacher. Could you make videos about how enrollment app on andriod device? How to set enrollment APK file to automatically install on the andriod device by sign Company portal app?

Hi Nick, This video is old but still gold !! I tried this - Everything works except one small issue. I could still see the factory reset option not greyed out in company portal app. In Intune portal, the device was seen as intune managed , personal device - their as well, the wipe option was preset and on choosing it the full device got wiped. Any pointers to disable full wipe or factory reset ?

Trying to connect a using a gmail account as apple id. When i go to install the cert its showing my company email account and doesnt allow me to modify it to change it to the ABM account i created. It doesnt allow me to use my actual company email address keep getting an error. Ive tried using the AMB account on a spare phone as appeid but doesnt allow that as it says its an ABM account. What am i missing?

Hi - thanks for this... but do you have a video on how to enroll ios fully managed corporate device? I'm trying to federate my business manager account with Azure but I keep getting a 403 error on apple's website :(

Great video and I have a question. After user enrollment, I was wondering whether iOS have one another exclusive workspace which stores all the corporate in-house apps such as Android Enterprise's work profile?

Hi T-Minus, great content you upload. I have a couple questions regarding the user enrollment. Currently i'm about to deploy intune in a large ios byod devices and I would want to know what will be the best approach for this kind of situations. As fas as I know, I need to set up an ABM environement to federate the O365 accounts and in order to create a professional apple ID for each of the users isn't it? and how do I do a user enrollment with iPhones? Do I need to mandatory download the company portal or just by adding the professional Apple Id the apps that i current have in the phone became corpoate and personal at the same time? Thank you very much!

Hi Nick, we have this one user unable to see emails on his IOS mail app. He already installed and login intune company portal. Our iOS Enrollment type profiles have been always blank/empty (never been configured). The rest of the users are working fine.

Hi, is it possible to use personal apple id's with device that is supervised y ABM please?

Hello, it doesn't look like federation is activated at 11:03. I am in the same situation and have some managed apple id created (including mine). However, when trying to enroll my iphone, I don't have the choice between corporate device or I own this device. Is this federation only meant for BYOD or even for corporate devices in DEP? Thanks

Hi Nick, I know this is an old video, but I have a question. Our company has intune and they have locked the policies down so much that it has been asked to to start from scratch to build a better and more user friendly solution. Let me know if you have some time to chat offline....

How about having an managed intune app multiple times. Like Whatsapp with company account and whatsapp with private account? I think Android Enterprise does this with Company Profiles. Is this possible in iOS too?

Hi Nick, I've watched a couple of your videos where you reference a video you made about "enrollment methods for iOS devices between BYOD and corporate owned". Could you provide me with a link to that video? Thanks!! I do find your videos very helpful & concise.

Hey Nick, Is there a way to set up a device to have separated apps so users can distinguish from personal apps to work apps? Android has a solution by creating a work profile with a separated home screen but I see no options with iOS.

Heya, how do I get the company portal installed. Once I sign in with a federated account, I cannot install any apps from the app store. Thanks

Thank you very much for this great video !!! I applied it in my company. I have a question about administrator's accounts defined in ABM prior to the federation with Intune. What will be the impact if an account is set up in ABM with administrator's role but without an account created within Intune after we activate the Federation ?

I've got my users enrollment set up, I did not set up federation as I haven't created a ABM account yet. I see the device in the Endpoint manager. My problem is that the Apps that I add, are not being pushed down to the iOS devices, whether they are required or not. Any ideas?

Is it possible at all to do user enrollment *without* ABM (no AAD federation or manual Management Apple ID from ABM)?

Can we deploy without federated authentication - what are the practical issues? (Our UPN's aren't the same as our email addresses so this option won't be easy for us)

Great content

Hi! Amazing video! What emulator are using for test? Can you recommend an iOS emulator for test Intune in W10?

Does this mean that you can have two instances of Microsoft apps? One for personal and one for corporate?

Hey Nick, thanks for your videos - its so helpful! I have a question about Federated AppleID. We have around 150/300 users that are currently using AppleID with company email (not federated). If I enable Federation through Apple Business Manager, will it kick out the existing users? The reason I ask is because our executive team are from the list of the users and I do not want to do something that causes them to be kicked out. Thanks in advance!

What free tool do you recommend to display iOS output to a computer?

Hello Nick, I am not sure if you still monitor this but if you do I'll pay you to help me learn this Intune enrollment information. I have a phone that belongs to the company in LA. I am in Atlanta. I need to remotely wipe the phone, and enroll in in Intune and load the corporate apps, Outlook etc and configure without having to fly there and or have the new user to do anything but enter their email address and password.

it is possible to setup Intune for IOS without APPLE BUSINESS MANAGER?, out setup is User Owned Device with Company profile.

Why did it still prompt the user asking who owns the device if you already selected user enrollment in the portal?

If I open VPN Location will change from company portal?

How is a user supposed to download the Intune company portal app if they sign in on the device with a Managed Apple ID? Managed Apple IDs do not have the ability to download apps. This is a company-owned device.

How do i setup an automatic enrollment, no user interaction?

Getting User name not recognized on Comp Portal app, anyone else got this?