Create iOS Enrollment Profile in Intune with PowerShell

JenSin 0 Reputation points
2023-11-20T21:00:29.0066667+00:00

I'd like some feedback on creating iOS Enrollment Profiles in Intune with PowerShell. I've successfully automated most of my Intune/iOS deployment processes. I've had no issues creating Filters or Device Configuration profiles and I can easily assign Enrollment Profiles via PS script. When I attempt to create iOS Enrollment Profiles however, I run into an issue. The creation process completes successfully. The resulting profile is identical to a manually created Enrollment Profile in every way, with the exception of the displayName and id.

The issue occurs when a device assigned to the script-created Enrollment Profile attempts to onboard. At the Remote Management screen, the error "The configuration for your iPad could not be downloaded from [Organization Name]. Invalid Profile" occurs. At this point the device is essentially bricked until it can be connected to Apple Configurator and reset at a base level.

While I am happy to provide my code, the more specific question I have is if this is intended to function. I've been unable to find others who have attempted this. We are growing at an astronomical rate, and each new site requires a unique enrollment profile/device naming convention. Having this functionality would be of great value.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,232 questions
Microsoft Intune iOS
Microsoft Intune iOS
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.iOS: An Apple mobile operating system.
201 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,657 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,266 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Wilkin Sanchez 186 Reputation points
    2024-01-16T03:18:13.85+00:00

    Hello @JenSin ,

    Generally, it should work. Now, since we don't know the content of the script it's hard to tell if it's a typo or a bad configuration. This is what I would recommend to troubleshoot:

    • Perform a thorough comparison of a script-created profile and a manually created profile.
    • Review Microsoft Graph API documentation for changes.
    • Try creating a profile with the most basic settings and see if that works. Gradually add more settings to pinpoint where the issue might be occurring.
    • Lastly, open a ticket with Microsoft directly to see if it's something on their end.

    Thank you.