Changes for page Unternehmensanwendung registrieren in der Microsoft Entra ID
Last modified by Sabrina V. on 2025/09/23 11:50
From version 3.1
edited by Sabrina V.
on 2025/05/20 12:18
on 2025/05/20 12:18
Change comment:
There is no comment for this version
To version 6.1
edited by Sabrina V.
on 2025/06/27 06:15
on 2025/06/27 06:15
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -37,6 +37,30 @@ 37 37 38 38 Depending on the area for which you want to grant authorisations, a distinction is made between ‘Delegated authorisations’ and ‘Application authorisations’. The tables below show the authorisations that you must insert here for the respective area. 39 39 40 +=== Intune Management === 41 + 42 +The following permissions are required to use Intune Management: 43 + 44 +**Intune** 45 + 46 +|**Type: Application** 47 +|get_data_warehouse 48 +|get_device_compliance 49 + 50 +(% class="wikigeneratedid" %) 51 +**Microsoft Graph** 52 + 53 +|**Typ: Application** 54 +|DeviceManagementApps.ReadWrite.All 55 +|DeviceManagementConfiguration.Read.All 56 +|DeviceManagementManagedDevices.PrivilegedOperations.All 57 +|DeviceManagementManagedDevices.ReadWrite.All 58 +|DeviceManagementServiceConfig.Read.All 59 +|Group.ReadWrite.All 60 +|GroupMember.ReadWrite.All 61 +|User.ReadWrite.All 62 +|Directory.ReadWrite.All 63 + 40 40 === Microsoft 365 === 41 41 42 42 **Only the application permissions are required to use Microsoft 365. Insert the following values individually and repeat the procedure until both list entries have been added:** ... ... @@ -89,7 +89,7 @@ 89 89 Due to the higher security level, Microsoft recommends using a certificate as login information. 90 90 {{/aagon.infobox}} 91 91 92 -Certificates can be used as an authentication method to log in to Microsoft Entra ID. A certificate always consists of a public and a private part, with the public key being loaded directly into Microsoft Entra ID. Both parts are required at a later stage when you add the certificate to the connection information for creating a new portal. This certificate pair must be generated in advance. Read here how to create a certificate via [[Microsoft>>url:https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=apex%2Cportal]] or [[Open SSL>>url:https://stackoverflow.com/questions/6307886/how-to-create-pfx-file-from-certificate-and-private-key]].Due to the higher security level, Microsoft recommends using a certificate as login information116 +Certificates can be used as an authentication method to log in to Microsoft Entra ID. A certificate always consists of a public and a private part, with the public key being loaded directly into Microsoft Entra ID. Both parts are required at a later stage when you add the certificate to the connection information for creating a new portal. This certificate pair must be generated in advance. Read here how to create a certificate via [[Microsoft>>url:https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=apex%2Cportal]] or Open SSL. Due to the higher security level, Microsoft recommends using a certificate as login information 93 93 94 94 {{aagon.infobox}} 95 95 The PKCS#12 or PFX/P12 format is often used for certificates. This is not supported by ACMP, as the certificate and key files are combined in a single file. However, you can use the OpenSSL commands openssl pkcs12 -in path.p12 -out newfile.crt -clcerts –nokeys for the certificate and openssl pkcs12 -in path.p12 -out newfile.pem -nocerts –nodes for the private key to generate two files from the file. ... ... @@ -117,7 +117,7 @@ 117 117 118 118 When creating a new secret client key, you have the option of configuring its validity period. Please note that once the validity period has expired, a new key must be created and stored. 119 119 120 -[[Add secret client key>>image:68_Unternehmensanwendung registrieren_Geheimen Clientschlüssel_1919.png]] 144 +[[Add secret client key>>image:68_Unternehmensanwendung registrieren_Geheimen Clientschlüssel hinzufügen_1919.png||alt="68_Unternehmensanwendung registrieren_Geheimen Clientschlüssel_1919.png"]] 121 121 122 122 {{aagon.infobox}} 123 123 If you want to use the secret client key for the ACMP Intune Connector, you must create a new key after the validity period has expired and store it in the AESB.