Gerry Hampson Device Management: PowerShell script - add and configure Intune Subscription

Tuesday 17 January 2017

PowerShell script - add and configure Intune Subscription

I've been deploying Microsoft Intune a lot recently. Adding and configuring the Intune subscription in the Configuration Manager console is very straightforward but can take be time-consuming. I've created a simple PowerShell script to automate this.

This script adds an Intune subscription to ConfigMgr Current Branch and configures the subscription to enable management of Android, iOS, Windows and Windows Phone devices.

The cmdlets in this script require a valid Intune subscription. They require Configuration Manager 1511 or later, although it is recommended to use 1606 or later. There are published workarounds for using the cmdlets in pre-1606 environments.

Instructions for use

Download an APN certificate request from ConfigMgr and generate the APN certificate directly from Apple in advance of running this script. Save the Apple APN certificate to a local folder eg (E:\Sources\MDM\Apple\AppleCert.pem) https://identity.apple.com
Save script to installation folder
Install the System Center Configuration Manager Cmdlet Library (if you are already using PoSH with ConfigMgr you will have done this already) https://www.microsoft.com/en-us/download/details.aspx?id=46681
Run PowerShell and browse to the installation folder (you may have to run PoSH as administrator as the first step is to set the execution policy to unrestricted)
Run IntuneSubscriptionScript.ps1
The script will prompt you to enter the following information:

Enter Site Server name
Enter Site Code
Enter Intune subscription username
Enter Intune subscription password
Enter Company Color Scheme (options: Blue, Magenta, Purple, Teal, Lime, Brown, Pink, Orange, Red or Green)
Enter your organization name
Enter valid contact email address
Enter contact name
Enter path to Apple APN certificate
Enter Apple APN certificate password - leave blank if no password