I have a new favorite feature in standalone Intune, custom iOS Policy. This lets you basically deploy a XML file with the supported configuration information you want to set on an iOS device even if it isn’t available in the Intune console, like deploying a Wi-Fi network with WPA2 and a Password.
The easiest way to create a profile file is to use the Apple Configurator, it is only available for OSX so you need a machine running OS X. Notepad can of course also be used 😉 Apple Configurator is available in the App store on OS X. In this example I will create a custom policy using Apple Configurator which configures a Wi-Fi WPA2 SSID with a password and then deploy it using Intune.
- Launch Apple Configurator and create a new policy.
- Give the policy a Name and enter your Organization name.
- Select Wi-Fi and click configure.
- Enter the information about the Wi-Fi network, here you can select WPA2 Personal and supply the password which isn’t possible in Microsoft Intune for now at least. Then select Save
- When the policy is created, select it and select Export Profile.
- Save it somewhere where you can access it later and upload it to Intune, I save it to my Onedrive.
The XML file will get an extensions of .Mobileconfig and it looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>AutoJoin</key>
<true/>
<key>EncryptionType</key>
<string>WPA2</string>
<key>HIDDEN_NETWORK</key>
<false/>
<key>IsHotspot</key>
<false/>
<key>Password</key>
<string>21432432423</string>
<key>PayloadDescription</key>
<string>Configures Wi-Fi settings</string>
<key>PayloadDisplayName</key>
<string>WiFi</string>
<key>PayloadIdentifier</key>
<string>Jorgens-MacBook-Air.local.9FDC88B6-3717-4165-8ABC-42E6330D25AD.com.apple.wifi.managed.C649D542-D680-4855-9CD5-917D373F256D</string>
<key>PayloadType</key>
<string>com.apple.wifi.managed</string>
<key>PayloadUUID</key>
<string>C649D542-D680-4855-9CD5-917D373F256D</string>
<key>PayloadVersion</key>
<real>1</real>
<key>ProxyType</key>
<string>None</string>
<key>SSID_STR</key>
<string>office1</string>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>Wifi4</string>
<key>PayloadIdentifier</key>
<string>Jorgens-MacBook-Air.local.9FDC88B6-3717-4165-8ABC-42E6330D25AD</string>
<key>PayloadOrganization</key>
<string>CCMEXEC</string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>4E067E5B-BD43-4760-B879-D8E26FEEA789</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
More information about valid syntax and settings can be found here: https://developer.apple.com/library/ios/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html
To deploy the newly created custom iOS policy file do the following:
- Login to the Intune console at http://manage.microsoft.com using a supported browser and platform = Windows Client.
- Under Policy and Configuration Policy, select Add
- Select Create and Deploy a Custom Policy and Create Policy.
- Enter a Name, Name displayed to the user and import the wifi4.mobileconfig file created before. Then select Save Policy.
- A dialog appears that asks you if you want to deploy the policy.
- We then select a group to deploy the policy to, in my case TechX demo
- On the iOS device, in my case an IPad Mini I can now see that the policy is applied under the Management Profile (yes it is in Swedish)
The Custom iOS policy is a really powerful tool, wish for it to be available in Hybrid scenarios as well!
Do you think this will work?
I created the xml from the apple configurator tool and imported this into SCCM/Intune like Kent does with his Android configuration,
http://blog.coretech.dk/kea/deploying-wifi-profiles-with-pre-shared-secret-to-android-devices-using-configmgr/