设置 iOS 和 Mac 设备管理Set up iOS and Mac device management

适用于:经典控制台中的 IntuneApplies to: Intune in the classic console
正在查找有关 Azure 中的 Intune 的文档?Looking for documentation about Intune on Azure? 请转到此处Go here.

Intune 启用了 iPad、iPhone 和 macOS 设备的移动设备管理 (MDM),并允许用户访问公司电子邮件和应用。Intune enables mobile device management (MDM) of iPads, iPhones, and macOS devices and gives users access to company email and apps. 必须拥有 Apple 推送通知服务 (APNs) 证书,才能使用 Intune 管理 iOS 和 Mac 设备。An Apple Push Notification service (APNs) certificate is required for Intune to manage iOS and Mac devices. 在将证书添加到 Intune 后,用户就可以安装公司门户应用来注册其设备,或者管理员可以设置企业自有的 iOS 设备管理After the certificate is added to Intune, users can install the Company Portal app to enroll their devices, or the admin can set up corporate-owned iOS device management.

  1. 设置 IntuneSet up Intune
    如果你尚未设置,请通过将移动设备管理机构设置为“Microsoft Intune”并设置 MDM,为管理移动设备做好准备。If you haven’t already, prepare for mobile device management by setting the mobile device management authority as Microsoft Intune and setting up MDM.

  2. 获取证书签名请求Get a certificate signing request
    以管理用户身份,打开 Microsoft Intune 管理控制台,转到“管理”>“移动设备管理”>“iOS 和 Mac OS X”>“上传 APNs 证书”,然后选择“上传 APNs 证书请求”。As an administrative user, open the Microsoft Intune administration console, go to Administration > Mobile Device Management > iOS and Mac OS X > Upload an APNs Certificate, and then choose Download the APNs certificate request. 本地保存证书签名请求 (.csr) 文件。Save the certificate signing request (.csr) file locally. .Csr 文件用于从 Apple 推送证书门户请求信任关系证书。The .csr file is used to request a trust relationship certificate from the Apple Push Certificates Portal.

    上传 APNs 证书对话框

  3. 获取 Apple 推送通知服务证书Get an Apple Push Notification service certificate
    转到 Apple Push Certificates 门户,并使用公司 Apple ID 登录以使用 .csr 文件创建 APNs 证书。Go to the Apple Push Certificates Portal, and sign in with your company Apple ID to create the APNs certificate by using the .csr file. 在 Apple Push Certificates 门户上选择“上传”后,将收到不能用于 APNs 的 .json 文件。After choosing Upload on Apple's Push Certificate Portal, you will receive a .json file that cannot be used for APNs. 完成下载后,返回到“第三方服务器的证书”的 Apple Push Certificates 门户,然后选择“下载”。Complete the download, return to the Apple Push Certificates Portal for Certificates for Third-Party Servers, and then choose Download.

    下载 APNs (.pem) 证书并本地保存文件。Download the APNs (.pem) certificate, and save the file locally.

    备注

    每年都需要续订(不是替换)此 APNs 证书。Every year, you need to renew (not replace) this APNs certificate. 使用此相同的 Apple ID 登录到 Apple 推送证书门户来续订证书,然后按照本主题中相同的说明下载该证书,并将其上传到 Intune。Use this same Apple ID to sign in to Apple's Push Certificate Portal to renew the certificate, and then use the same instructions in this topic to download the certificate, and then upload it to Intune.

  4. 将 APNs 证书添加到 IntuneAdd the APNs certificate to Intune
    Microsoft Intune 管理控制台中,转到“管理”>“移动设备管理”>“iOS 和 Mac OS X”>“上传 APNs 证书”,然后选择“上传 APNs 证书”。In the Microsoft Intune administration console, go to Administration > Mobile Device Management > iOS and Mac OS X > Upload an APNs Certificate, and then choose Upload the APNs certificate. 转到证书 (.pem) 文件,选择“打开”,然后输入“Apple ID”。Go to the certificate (.pem) file, choose Open, and then enter your Apple ID. 使用 APN 证书,Intune 可通过将策略推送到注册的移动设备注册并管理 iOS 设备。With the APNs certificate, Intune can enroll and manage iOS devices by pushing policy to enrolled mobile devices.

  5. 告诉用户如何注册其设备以获取对公司资源的访问权限。Tell your users how to enroll their devices to get access to company resources.

    有关最终用户注册说明,请参阅在 Intune 中注册 iOS 设备在 Intune 中注册 macOS 设备For end-user enrollment instructions, see Enroll your iOS device in Intune and Enroll your macOS device in Intune. 注册过程会告知用户将出现的情况,以及 IT 管理员在其设备上可以看到和不能看到的内容。The enrollment process tells users what they can expect, and what IT administrators can and can't see on their devices.

    有关其他最终用户任务的信息,请参阅以下文章:For information about other end-user tasks, see these articles:

如果公司或组织为用户购买了 iOS 设备,也可以将这些设备注册为公司拥有的 iOS 设备,以便进行管理。If your company or organization buys iOS devices for users, those devices can also be enrolled for management as company-owned iOS devices.

另請參閱See Also

在 Microsoft Intune 中注册的先决条件Prerequisites for enrollment with Microsoft Intune

要提交产品反馈,请访问 Intune Feedback