Last modified by Sabrina V. on 2025/06/04 08:41
Show last authors
1 {{aagon.floatingbox/}}
2
3 = ACMP Intune Management settings =
4
5 {{aagon.infobox}}
6 To import data, you need an ACMP Intune Management (trial) licence. If you do not yet have a licence, please contact your sales representative.
7 {{/aagon.infobox}}
8
9 The basic requirement for displaying data from your Intune tenants in ACMP Intune Management and working with it is that you configure at least one portal in the settings. Once you have created a portal, the required information is imported and made available to you in ACMP Intune Management.
10
11 == Manage Intune portals ==
12
13 First, navigate to the settings (//System// > //Settings// > //Intune Management//) to begin preparation for all continuing work. The view is divided into two parts. On the left side, you will see the action fields where you can add ([[image:1748947636680-487.png]]), edit ([[image:1748947636681-148.png]]) or delete ([[image:1748947636681-487.png]]) Intune portals. A list of all existing portals that you have previously created can be found below. On the right side is the detailed view of the selected portal.
14
15 == Add Intune portal ==
16
17 To add a new portal, click the button with the same name //Add //([[image:1748947661808-385.png]]) in the bar. A wizard opens that guides you through the next steps. On the first page, you can enter the name and description for the portal.
18
19 {{box}}
20 **Tip**: Make sure to use a clear name. Ideally, the portal should have the same name as the Intune tenant itself.
21 {{/box}}
22
23 Click //Next >// to continue.
24
25 [[General information when adding an Intune portal>>image:ACMP.68.ACMP-Solutions.Intune Management.WebHome@68_INtune Management_Portal hinzufügen_899.png]]
26
27 Now enter the application ID (client) and the directory ID (tenant) in the fields provided.
28
29 {{aagon.infobox}}
30 You can find the application ID (client) and directory ID (tenant) in the [[registered company application>>doc:ACMP.68.Unternehmensanwendung registrieren in der Microsoft Entra ID.WebHome]].
31 {{/aagon.infobox}}
32
33 Then select the authentication type you want to use for the connection information. You can choose between the //certificate //and the //secret client key//.
34
35 === Certificate ===
36
37 Select the authentication type //Certificate //and click on the //Add// button. A new window will open in which you must now insert the public and private keys. To do this, click on the button [[image:1748947754330-273.png]] and insert the appropriate key that you used earlier in the preparations for Microsoft Azure. Close the step by clicking on //OK//.
38
39 [[Add client certificate>>image:ACMP.68.ACMP-Solutions.Lizenzmanagement.Microsoft 365.WebHome@67_M365_Client Zertifikat hinzufügen_508.png||alt="68_Intune Management_Client Zertifikat hinzufügen_508.png"]]
40
41 If you want to delete the certificate, you must click on //Remove//.
42
43 === Secret client key ===
44
45 Click //Add// below the secret client key if you want to select this authentication method. A new window opens in which you must enter the secret ID and the value of the secret client key. Also specify a validity period. Exit the step by clicking //OK//. You will be taken back to the wizard.
46
47 [[Entering the secret client key>>image:ACMP.68.ACMP-Solutions.Intune Management.WebHome@68_Intune Management_Geheimen Clientschlüssel hinzufügen_508.png]]
48
49 [[Connection information for the Intune portal>>image:ACMP.68.ACMP-Solutions.Intune Management.WebHome@68_Intune Management_Verbindungseinstellungen_965.png]]
50
51 Depending on the authentication type selected, only the corresponding fields will be filled in. In this explanation, the type //Certificate //was used.
52 Check your connection by clicking //Test connection//. This allows you to ensure that the information entered so far has been inserted correctly.
53
54
55 **Optional ACMP multi-tenancy**
56
57 If you use [[ACMP multi-tenancy>>doc:ACMP.68.ACMP-Solutions.System.Mandanten.WebHome]], you can assign the portal and the data stored there to a tenant. This means that ACMP users can only view the data of the tenant they are logged in to. There are two options available here:
58
59 |**Tenant option**|**Description**
60 |Portal is global|The portal is not assigned to a specific tenant, which means that it is only visible to the tenant administrator.
61 |Portal is assigned to a single ACMP tenant|The portal is assigned to a specific tenant. A tenant can have multiple portals, but a portal can be assigned to at most one tenant.
62
63 {{aagon.infobox}}
64 Please note that the client settings are only visible if you have enabled multi-tenancy in your environment.
65 {{/aagon.infobox}}
66
67 Exit the wizard by clicking //Finish//. You will be returned to the overview page within the ACMP settings, where the new portal has been added to the list.
68
69 [[Portal added in Intune settings>>image:ACMP.68.ACMP-Solutions.Intune Management.WebHome@68_Intune Management_Hinzugefügtes Intune Portal in den Einstellungen_1218.png]]
70
71 == Edit or delete Intune portals ==
72
73 Existing Intune portals can be edited or deleted. If you want to edit an existing portal, for example to make changes to the authentication type or description, click on the //Edit //([[image:1748947933581-311.png]]) button. A window opens in which you can now customize the information provided. The information is divided into two tabs: //General //and //Connection Information//. Change all the information you want and then click //Save//.
74
75 {{aagon.infobox}}
76 If you make any changes to the existing portal information, follow the procedure described in the section [[//Add Intune Portal//>>doc:||anchor="HAddIntuneportal"]] and the notes provided there.
77 {{/aagon.infobox}}
78
79 To delete an Intune portal, click on the action of the same name //Delete //([[image:1748947948729-791.png]]). Confirm the security question with //Yes //and the data will be removed.
80
81 {{aagon.warnungsbox}}
82 Please note that when you delete a portal, all data and information about already imported apps, users and groups will be deleted from ACMP. This does not affect the data on your Intune tenant! The deletion cannot be undone.
83 {{/aagon.warnungsbox}}
84
85 = Additional settings areas for Intune Management =
86
87 == Scheduled Server task for importing Intune data ==
88
89 Intune data is imported via a scheduled server task, which is performed once a day by default. You can change the start condition of the server task as required.
90
91 [[Scheduled Server Tasks>>doc:ACMP.68.ACMP-Solutions.System.Einstellungen.ACMP Server.WebHome||anchor="HGeplanteServeraufgaben"]] (//System// > //Settings// > //ACMP// //Server// > //Scheduled Server Tasks//)
92
93 |**Server Task**|**Description**|**Standard start condition**
94 |Import Intune data|Imports Intune Apps, Groups, Users & devices|Start every day
95
96 {{aagon.infobox}}
97 Regardless of the start condition set here by default, you can also trigger the import manually at any time if necessary. To do this, click Import Intune data in the ribbon bar in Intune Management. The status of the job can be viewed via the [[Server Monitor>>url:https://doc.aagon.com/bin/view/ACMP/68/Arbeiten%20mit%20der%20ACMP%20Console/Aufbau%20der%20Console/Ribbonleiste/Monitore/#HServermonitor]] (//Ribbon bar //> //Monitors //> //Server Monitor//).
98 {{/aagon.infobox}}
99
100 == Intune visibility and permissions ==
101
102 The visibility and permissions allow you to control which users can see what and, if necessary, what they can edit.
103
104 The following permissions are available in connection with Intune Management:
105
106 **Apps**
107
108 |**Right**|**Description**
109 |Delete Intune Apps|User is allowed to delete Intune Appse
110 |Edit Intune App Assignments|User is allowed to edit Intune App Assignments
111
112 **Users**
113
114 |(% style="width:657px" %)**Right**|(% style="width:1035px" %)**Description**
115 |(% style="width:657px" %)Delete Intune Users|(% style="width:1035px" %)User is allowed to delete Intune Users
116 |(% style="width:657px" %)Edit Intune User Group Membership|(% style="width:1035px" %)User is allowed to modify Intune User Group Membership
117
118 **Groups**
119
120 |(% style="width:655px" %)**Right**|(% style="width:1037px" %)**Description**
121 |(% style="width:655px" %)Delete Intune Groups|(% style="width:1037px" %)User is allowed to delete Intune Groups
122 |(% style="width:655px" %)Edit Intune Group Members|(% style="width:1037px" %)User is allowed to modify Intune Group Members
123 |(% style="width:655px" %)Edit Intune Group Owners|(% style="width:1037px" %)User is allowed to modify Intune Group Owners
124
125 [[Visibility of Intune Management permissions>>image:68_Intune Management_Benutzerrechte_1038.png]]
126
127 If you want a user to also be able to use Intune-relevant actions in the query actions, these visibilities must be deployed separately. These permissions can be found on the same page under the section Client Management > Query Management > Query Actions:
128
129 * Send Intune notification
130 * Remotely lock Intune Devices
131 * Wipe Intune Devices
132 * Sync Intune Devices
133 * Retire Intune Devices
134
135 For more information about query actions, see the section [[Intune Management - Query Actions>>doc:ACMP.68.ACMP-Solutions.Intune Management.WebHome||anchor="HAbfrageaktionen"]].
136
137
138
© Aagon GmbH 2025
Besuchen Sie unsere neue Aagon-Community