The Intune Certificate Connectors provides users and devices managed by Intune (joined in Azure AD) to (auto-)enroll certificates in an Active Directory Certificate Authority, either on-premise or in Azure. The connector is a piece of software which allows Intune to enroll and issue certificates on behalf of users/devices that aren't joined directly in the local AD but are joined in Azure AD instead, and needs to be installed on a server in the same AD domain as the Certificate Authority.
The installation is outlined here, but it isn't entirely complete as it omits a few requirements. After the installation, you are required to enter the credentials of an account with Azure Global administrator permissions, but this is only part of the requirement. The account you use needs to be licensed for Intune, otherwise the registration process for the connector will fail with this error:
In short, these are the things to check when installing and registering ("enrolling" as they call it during the setup process):
Once the connector is registered (i.e. it is visible in the list of Certificate connectors in Intune), the user no longer needs to be a Global Administrator and no longer needs to have a license for Intune.
« ‹ | December 2024 | › » | ||||
Sun | Mon | Tue | Wed | Thu | Fri | Sat |
1 | 2 | 3 | 4 | 5 | 6 | 7 |
8 | 9 | 10 | 11 | 12 | 13 | 14 |
15 | 16 | 17 | 18 | 19 | 20 | 21 |
22 | 23 | 24 | 25 | 26 | 27 | 28 |
29 | 30 | 31 |