Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

How can we improve Microsoft Endpoint Manager Intune?

← Ideas

Deploy unique computer certificates using Intune/SCEP/NDES

We want to deploy unique device certificates to our Windows 10 devices using Intune/SCEP/NDES. At the moment we can only deploy user certificates.

The story behind this idea is as follows:

We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

598 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google Microsoft Intune
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Ruud Gijsbers shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

21 comments

Sign in
(thinking…)
Sign in with: Facebook Google Microsoft Intune
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • João Ribeiro commented  ·   ·  Flag as inappropriate

    It's available for Windows 10 Device Configuration Profiles but what about macOS ? It's going to be available as well ?

  • Uwe commented  ·   ·  Flag as inappropriate

    We do also need this for about 1000 AAD joined Windows 10 devices.

  • Ash Hoque commented  ·   ·  Flag as inappropriate

    I would like to see this extended beyond Windows devices and include Android and iOS

  • Anonymous commented  ·   ·  Flag as inappropriate

    Any update? This is holding up adoption anywhere where networks will only talk to trusted devices.

  • Sudarshan commented  ·   ·  Flag as inappropriate

    @Cathy Moya - can you confirm if this unique device cert can be deployed to Shared iOS device before deploying in kiosk mode(they will be DEP devices)

  • Jason Schuler commented  ·   ·  Flag as inappropriate

    I am currently running into a need for this. I have Windows 10 devices running the Intune Software client that have conflicts with my Computer certificate auto-enroll GPO. This is causing the software client to crash and do me no good. I’m being told to manage Windows 10 as mobile devices but will then lose the ability to deploy my WiFi profile using computer cert authentication. If it’s not one thing it’s another...

  • Andreas Norling commented  ·   ·  Flag as inappropriate

    I would very much like to be able to deploy computer/device certificates as well. As other people have mentioned, I would like the device to be able to connect to our wifi before any user has logged in to it.

  • Oliver Kieselbach commented  ·   ·  Flag as inappropriate

    indeed and in troubleshooting cases this is good also. Imagine a Win10 AAD joined device. now you get logon problems with the logon of the owner. to logon with a different user you need an internet connection (Wi-Fi) but you won't get one as it's bound to user cert at the moment. with a device cert this would be no problem!

  • Andre Potters commented  ·   ·  Flag as inappropriate

    We are using shared Windows 10 devices and a wireless environment that uses certificate authentication. Because of the shared devices and the possibility that the user never logged on to the device yet, we want the wireless profile to be connected before user logon. And that requires a unique computer certificate.

← Previous 1

Ideas: Mobile Device Management (general)

Categories

Feedback and Knowledge Base

(thinking…)