Intune configuration
On this page
Navigation
Setup > Discovery & Assets > Connections.
Create an API connection
You need to create an API connection for SolarWinds Service Desk (SWSD) to call into Azure to collect the Intune data.
Step 1 - Begin Azure Registration
- Sign into your Azure portal.
-
From the Azure welcome page, under Azure services, select Azure Active Directory.
-
On the left, select App registrations.
-
Click New registration at the top of the page.
The Register an application dialog opens.
-
Provide a name for the new app. SolarWinds recommends Intune – SWSD.
-
Under supported account types, select Accounts in any organizational directory (Any Azure AD directory – Multi tenant).
-
Under Redirect URI, select Web from the dropdown and determine which selection to use:
-
For US datacenter customers: https://app.samanage.com/auth/microsoft_graph_auth/callback
-
For EU datacenter customers: https://appeu.samanage.com/auth/microsoft_graph_auth/callback
-
-
Click Register.
-
Copy the Application (client) ID.
-
Paste it in the integration section of SWSD under Application (client) ID.
You have created the connection between Azure and your SWSD and registered the app. Next, you need to create a certificate in Azure.
Step 2 - Create Azure Certificate
-
In Azure, click Certificates & Secrets.
-
Click New Client Secret.
-
Provide a description. SolarWinds recommends Intune SWSD.
-
Provide an expiration time.
The time selected dictates how long the connection will last before having to create a new secret. You should consult with your security team if you are unsure what to enter here.
-
-
Click Add.
-
Click the Copy to clipboard icon to copy the Application (client) secret value.
Client secret values cannot be viewed, except for immediately after creation. -
Paste the client secret value into the integration under Application (client) Secret.
-
In Azure, from the side menu click API Permissions.
-
Click Add a permission.
-
Click Microsoft Graph near the top.
-
Add the following:
- Device.Command - Delegated
- Device.Read - Delegated
- Device.Read.All - Application
- DeviceManagementConfiguration.Read.All - Application
- DeviceManagementManagedDevices.Read.All - Delegated
- DeviceManagementManagedDevices.Read.All - Application
- User.Read - Delegated
-
Click Intune.
-
Add the following:
-
App Permission
get_device_compliance - Application
-
-
Review the image below to confirm you set the correct permissions.
-
Create an Intune connection
-
Navigate to Setup > Discovery & Assets.
-
From the All Connections index page, click Add
, and from the dropdown menu, select Intune.
-
In the Intune dialog, provide the information requested.
-
Use the information below to help in configuration.
Fields with a red asterisk (*) are required.Field Description Name* Create a meaningful name that will provide you with significant data.
Name is for your ease and convenience. This information does not affect the scanning process.Description* Provide a meaningful description of the data. Cloud Type Identifies the type of Azure Cloud, either Public or Government, where your Intune instance is stored. Computers and Mobile Devices Identifies the device types for which you want to collect information. Select one or more. Application (client) ID* Azure identifier used to create an API connection to Intune. Application (client) Secret* Azure password. -
Click Create in the top right of the screen to save the connection.
Be aware that any incorrect information provided in the configuration setup (for example, an incorrect password) will prevent proper reporting in the Scanning report. -
Sign in using the credentials you set up for the Azure portal.
-
If you receive an error message regarding a regarding an integration failure:
-
Return to Step 2 - Create Azure Certificate, item 6.c.
-
Remove the permission for User.Read - Delegated.
-
Allow that permission again.
-
You have successfully created the connection between Azure and your SWSD.
List of fields pulled
Below is a list of the fields pulled. These fields are directly integrated into your SWSD instance.
Intune field | SWSD field |
---|---|
Owner name/ user display (the Azure-registered name of the user as identified by AzureUserID) | Owner |
User Principal Name or email address | Owner |
Phone number | Owner |
Device name | |
Manufacturer | Manufacturer |
Operating system | OS Version |
Serial number | Serial Number |
IMEI number | IMEI number |
IP address | IP address |
Wi-Fi MacAddress | Wi-Fi Mac |
ICCID | ICCID |
app name | App list |
version | App list |
app ID | App list |
size | App list |
installation location | App list |
Intune computer mappings
Below is a list of the Intune computer field names and the related SWSD field name.
Intune | SWSD |
---|---|
Device Name | Name |
Last Sync Date Time | Updated At |
Operating System | Operating System |
Device Type | Category |
OS Version | Operating System |
User Principal Name | Owner |
Model | Model |
Manufacturer | BIOS Manufacturer |
Serial Number | Serial Number |
Wifi Mac Address | Mac Address |
Physical Memory In Bytes | Physical Memory |
Processor Architecture | CPU |
Specification Version | CPU Speed |
IP Address V4 | IP Address |
Data syncs
Data syncs begin at 7:00 UTC.
More information about Discovery connections
See Connections for information about:
- Scanned ports and a list of the default ports scanned via Nmap
- How to run an on-demand scan
- How to pull a Last Scan Report
- What data is pulled during Discovery through connections
- Pulling fields from a mobile device via Intune
- Obtaining management data from remote computers via WMI
Related topics
Agent installation for mass deployment with Microsoft Intune