macOS

1. Create the following shell file on your machine and name it intune_device_id.sh:

#!/bin/sh
echo $(security find-certificate -a | awk -F= '/issu/ && /MICROSOFT INTUNE MDM DEVICE CA/ { getline; print $2}' | tr -d '"' 2>/dev/null)

2. In the AppGate ZTNA admin UI, go to Identity and then Device Claim Scripts.

3. Click + Add New and fill in the following fields:

   • Name: mac_intune_id

   • File: Upload the file intune_device_id.sh

4. Click Save.

5. Go to Identity and then Identity Providers.

6. Select the identity providers you use to authenticate your users. Scroll down to Configure On-demand Device Claims and click + Add.

7. Fill in the following fields:

8. Click Done, then click Save.

NOTE

For this device claim to take effect, the end user must log out of the AppGate ZTNA client and log back in.