Endpoint management
Microsoft Intune
Before you start
6 min
verify your environment meets these requirements supported hardware {{k3}} , application version 6 3 1 x or later supported operating systems windows 2012 r2 (6 3 9600) and later required infrastructure a windows server joined to your active directory domain that acts as the enterprise ca a windows server joined to your active directory domain that acts as the network device enrollment service (ndes) service required access an account on the kmes with administrator permissions to create roles, identities, tls pki, and update system settings local administrator/root access on the windows machines acting as the enterprise ca and ndes servers network and firewall outbound tcp/2001 from the enterprise ca windows server to the kmes series 3 fqdn or cidr (for example, kmes example com or 10 0 0 0/24 ) tls inspection or ssl proxies can break mutual tls handshakes exempt the kmes fqdn(s) from inspection configure the kmes series 3 with an fqdn so the exemption applies