Intune Certificate
It's also possible to use the certificate which every Windows 10 machine receives from Intune when joining your Azure Active Directory
Why we are not recommending to use Intune certificates for authentication purposes?
Intune certificates are not supported by Microsoft for other purposes than management with Intune.
Validity time for the Intune certificates is 1 year.
There is no mechanism to revoke certificates (like OCSP).
Instead of using Intune certificates, we recommend to use certificates from a PKI like SCEPman.
Configure Intune IDs
Use this setting with care. One of the following IDs must exist in the certificate extension 1.2.840.113556.5.14. All other certificates will rejected.
To get your Intune Tenant ID, follow these steps:
Press Windows + R and enter certlm.msc
Go to your personal certificates. There will be a certificate from one of the following issuers
SC Online Issuing
MDM Device Authority
Open this certificate, go to Details and search for the extension
1.2.840.113556.5.14
The printed HEX value is your Intune Tenant ID.
Example:
The Tenant ID of the following certificate is: bb4397cb6891c64db17f766487518a6a
Last updated