So you have enrolled your Apple devices to Intune to manage your iOS/iPadOS devices by pushing out policies to those mobile enrolled. This process allows organisations to manage Apple Devices, much like Jamf or Kandji which are a paid service. If you have a 365 Business account Intune is part of the service. Regardless you will need an Apple Business Manager portal to “manage” the Automatic Device Enrolment (ADE) (Master Data Serves MDS).
In short Apple Business Manager creates the ADE token which is added to Intune to allow communication between Intune and Apple. The enrollment program token is renewed annually. To keep the services running make sure you schedule your renew in a timely mater. This will prevent any uninterrupted access and management of your devices.
Fun Fact when you renew it the 365 day clock starts again so I would wait until the latest day needed to renew i.e Jan 10th renew date 5th – 7th January would be a good time to do it.
Items needed to auto renew:
- Admin access to the admin portal of Intune (365)
- Admin access to Apple Business Manager
Follow these steps to Renew Apple ADE Tokens in Intune
Login to Apple Business Manager
At the bottom select Preferences
Select Intune
Select the Download Token
Download the Token on a Mac it would be allow (See screen grab above)
We have the token from Apple Business Manager we now need to move to Intune. Don’t get confused with the 365 portal you need to go the the Intune Admin Centre. See url below
https://intune.microsoft.com/.
Click on or navigate to Devices.
Navigate to IOS/IpadOS Enrollment
From Enrollment click on Enrollment program tokens
Inside here you should see your tokens hopefully there is one for Intune (the naming convention would have been the name that was setup when the tokens was first created) From the tokens you will see the status if you have left it to the last minute to update then it should show you a status of expiring.
Clicking on the status should then give you the option to update the token
Navigate to the p7m File you download from the Apple Business Manager.
Check the details are correct and click create
You should now see the token with a green tickbox showing you the token is now renewed for another year. As mentioned above the 365 day clock starts again so wait until you close to the renewed date before completing the process mentioned here today.