From version 7.1 onward, Lansweeper is capable of scanning Android, iOS (iPhone and iPad) and Windows Phone mobile devices that are enrolled in Microsoft Intune. This article explains what the requirements are for Intune scanning and how to generate the application ID required for scanning.
To scan mobile devices through Microsoft Intune, the following requirements must be met:
- Your Lansweeper installation must be version 7.1 or higher.
- Your Lansweeper license must support Intune scanning.
- Your Lansweeper scanning server must have access to the Internet.
- You must provide Lansweeper with the username and password of a user that can see your Intune devices in Microsoft Azure.
- You must provide Lansweeper with the application ID of an application that can read Intune devices from the Microsoft Graph API.
Setting up the Intune application
To set up an application that can read Intune devices from the Microsoft Graph API, do the following:
- In your Azure dashboard, go to Azure Active Directory and click App Registrations, then click on New application registration.
- Fill in an application name, use Native for the Application Type and provide a redirect URI (e.g. https://localhost:44300). Afterwards, click save to register the application.
- Select the newly registered application and click on Settings, Required permissions and Add under required permissions.
- Select the Microsoft Graph API afterwards click Select below at the bottom of the page.
- Select the following required permission: Read Microsoft Intune devices. After selecting the permission, click Select and Done at the bottom of the page.
- Go to Azure Active Directory - Enterprise applications. In the All applications tab, search for the newly created application and select the application. Go to permissions and click Grant Admin Consent for.... This step requires administrative privileges in Microsoft's Azure Active Directory.
- The generated application ID for the new created application can be used to create scanning credentials in Lansweeper. The application ID is visible when going to the Azure Active Directory - App registrations.
- The devices that need to be scanned by Lansweeper, need to be enrolled and visible under Microsoft Intune in the Azure dashboard.