How to Configure Token-Based Unattended Enrollment Using Microsoft Intune
In addition to using Certificates for Unattended Enrollment, the Barracuda SecureEdge Manager allows you to configure Unattended Enrollment by using an enrollment token.
The Unattended Enrollment feature utilizes token-based enrollment, which is supported across all operating system platforms.
Step 1. Retrieve Token from SecureEdge Manager
You must first create an enrollment invitation for your device via the Access > Enrollments page. For more information, see Enrollments.
Go to https://se.barracudanetworks.com and log in with your existing Barracuda Cloud Control account.
The chosen Tenant/Workspace is displayed in the top menu bar.
Click the expandable drop-down menu and select the workspace you want to enroll in.
In the left menu, click Access and select Enrollment.
The Enrollment page opens.
To copy the enrollment token, proceed with the following steps:
On the Enrollments page, click the icon of three vertical dots to copy the enrollment token.
Click Copy 3rd Party token.
Paste the token into a text file. You will need this token in Step 2.
Step 2. Configure Microsoft Intune for Token-Based Enrollment
On Windows:
Open Microsoft Intune admin center.
Go to Apps > Windows.
The Windows apps page opens. Click Create.
The Select app type window opens. Specify a value for the following:
App type – Select Line-of-business app from the drop-down list and click Select.
The Add App window opens. Click Select app package file. On the App package file window, select a file to upload and click OK.
In the App information tab, specify values for the following:
Name – Enter a unique name, e.g.,
Barracuda SecureEdge Agent 3.0.0-38 (Demo).Description – Enter a brief description. E.g.,
Barracuda SecureEdge Agent 3.0.0-38 (Demo).Publisher – Enter a publisher name. E.g.,
Barracuda Networks.Ignore app version – Select No.
Command-line arguments – Enter the enrollment token here that you retrieved in Step 1. E.g.,
/quiet TENANT_TOKEN ="demo-unattended-token-123e4567-e89b-12d3-a456-426614174001"
Click Next.
In the Assignment tab, specify the following values:
To add a group, click Add group.
To add all users, click Add all users.
Click Next.
The Review + Create tab opens. Click Create. You can see the Application created message at the top-right corner.
On iOS:
Open Microsoft Intune.
For iOS, go to Apps > iOS/iPadOS > Manage apps > Configuration.
To create a new app configuration policy, click + Create and select Managed devices.
The Create app configuration policy window opens.
In the Basics tab, specify values for the following:
Name – Enter a unique name, e.g.,
iOS Token-based Enrollment.Platform – Select iOS/iPadOS.
Targeted app – Select Barracuda SecureEdge.
Click Next.
In the Settings tab, specify values for the following:
Configuration settings format – Select Use configuration designer.
Ensure that the following three string-based parameters are properly configured:
TENANT_DOMAIN – Enter the unique domain as configured in the SecureEdge Manager, e.g.,
mycorp-prod.se.barracudanetworks.comTENANT_TOKEN – Enter the enrollment token here that you retrieved in Step 1.
USER_IDENTITY – Enter
{{userprincipalname}}. Please note that this will automatically be replaced with the device owner’s User Principal Name during the deployment process.