前提条件

Before setting up the Microsoft Intune SCEP integration, make sure the following prerequisites are in place.

Microsoft Intune prerequisites

Microsoft AzureテナントでAzure Active Directoryサービスが有効になっていること。
お使いのMicrosoft IntuneアカウントがIntune MDM Authorityに向けて構成されていること。
Apple iOS デバイスに証明書を発行する必要がある場合、Microsoft IntuneアカウントにApple MDM プッシュ証明書が構成されていること。
To include user security identifier (SID) values in client authentication certificates issued from Trust Lifecycle Manager, the On-premises sync enabled flag must be set to Yes for the users in Intune.

You must have available seat licenses allocated to the business unit(s) where you'll create certificate profiles and issue certificates.

Your Trust Lifecycle Manager account must include one or more of the following base templates to use for creating certificate profiles.

DigiCert ONE 証明書テンプレート	シートタイプ	Issuing CA
Microsoft Intune (SCEP) 用デバイス認証	デバイス	DigiCert® Private CA
`Generic Private Server Certificate`	Private	DigiCert® Private CA
`Public S/MIME (Digital Signature only) for Intune (via CertCentral)`¹	Public	DigiCert CertCentral®
Microsoft Intune (SCEP) 用のユーザークライアント認証	ユーザー	DigiCert® Private CA
_{1. This template is limited. If not already present, contact your platform representative to assign the template to your account.}

To start configuring the integration, you first need to Set up the Intune connector.

このセクションの内容: