Enjoy Sharing

Setting Up An EMS Lab in ARM (Azure Resource Manager) Step-By-Step – Part 7

Quick links to the other parts of the post:-


What is an EMS lab without an EMS subscription, right? So now we’re gonna add an EMS subscription. We do this from the Office 365 portal https://portal.office.com. Once logged in, go to Billing > Subscriptions. There you will see that you can add subscriptions at the top right corner of the screen. Click + Add subscriptions.



Here you’ll see heaps of different subscriptions you can add to your tenant. Scroll through the page and look for Enterprise Mobility Suite Direct and hover over it then click Start free trial.



You’ll be asked to confirm your order then click Try now.



In the order receipt page, click Continue.



Now, this trial subscription will give you up to 100 users for up to 30 days. Now most of you do not want your lab to last only for 30 days, right? The good news is, from my experience you will be able to extend your EMS trial to 180 days. That’s 6 months…not too bad at all.

How you do this is to call up the Microsoft Online Services Support. I know this can be very difficult to find the right number to call so I’m gonna save you some misery. For Australia the number is 1800 197 503. For other countries look up the link below for your respective number to call. Look under the “Microsoft Dynamics CRM Online, Microsoft Dynamics Marketing, Microsoft Social Engagement and Parature, from Microsoft” section. Honestly I am not sure why it is under that section. In some other pages, this number is called the “Global Office 365 support phone numbers for admins”.




After the trial extension, you’ll it reflected in the portal page.



It is a good thing to also now assign a license to the Global Administrator account as of the requirement from Microsoft since November 2015. Basically, go to Active users, highlight your admin user then click on the Edit link beside Product license.



Click on the flip switch for Enterprise Mobility Suite, and then click Save.



Click Close.



If you don’t already know, EMS is a licensing construct that includes basically 4 products; Azure Active Directory Premium, Intune, Azure Rights Management and Advanced Threat Analysis. So once you’ve got the EMS subscription added you should be able to log on to the Intune portal at https://manage.microsoft.com. Remember to use another browser other than Microsoft Edge for this as currently the portal is still built on Silverlight. HTML5 to come soon.



Once you’ve confirmed that you’ve got an Intune tenant, it is time to set up hybrid connection with Configuration Manager that we’ve installed for this lab. Back in the Configuration Manager console, navigate to Overview > Microsoft Intune Subscriptions. Right-click on it and the select Add Microsoft Intune Subscriptions.



In the Introduction page, click Next.



In the Subscription page, click Sign In.



Select the checkbox for I understand that after I complete the sign-in process, the mobile device management authority is permanently set to Configuration Manager and cannot be changed. Then click OK.



Log in with an administrator account to the Intune tenant, then click Sign in.

Note: If you do get an error after signing in, make sure you have Silverlight installed.



Back to the Subscription page, click Next.



In the General page, click the Browse button for the collection.



Here you have an option of choosing a user collection that will allow its members to enroll devices to Intune. You can choose to create a custom collection to control the users who are allowed to enroll their phones to Intune or in my case, I’ve selected the default All Users and User Groups collection which allows basically every user in the domain to enroll the phones to Intune.



Back in the General page, fill in the information for Company name, URL and the Configuration Manager site that you want Intune to be connected to. Typically this will be your CAS server if you have one, if not, this will be your Primary Site. Click Next.



Fill in the information as needed then click Next.



In the Company Logo page, you can browse for a company logo image or leave it for now and you can configure it later. Click Next.



In the Device Enrollment Manager page, leave the default if you want to configure this later or add users as Device Enrollment Managers. Click Next.



You can select to enable multi-factor authentication if you want to initiate a MFA request when a user enrolls a device. I’m gonna leave it for now as I can enable it later if I want to. Click Next.



In the Summary page, click Next.



In the Completion page, click Close.







Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s