Configuring Intune settings in Patch Connect Plus console

ManageEngine Patch Connect Plus has recently extended it's Application Management capabilities to Microsoft Intune/Microsoft Endpoint Manager (MEM) to make third-party application management even easier. This document will explain the steps to configure Intune Application Management in Patch Connect Plus console.

Steps to configure Application Management for Intune/MEM

Below are the detailed steps to configuring Application Management for Intune/MEM on the Patch Connect Plus console

Registering new application in Azure AD

The very first step in configuring Intune settings in Patch Connect Plus console is to create client ID and tenant ID in Azure AD.

  • Navigate to Azure AD --> App registrations from the left tree and click on New registration

    Intune application registration

  • Here, give a suitable name for the application, say PCP-Intune. Then, configure the account types based on the requirements. Once done, click Register.

    Intune application registration

  • Now, you can see that the application has been registered with a unique Client ID and Tenant ID.

    Intune application registration

Adding API permissions to the registered application

  • Navigate to API Permissions to provide the necessary permissions for the created App.

    Adding API permissions

  • Here, click on Add a permission. Now, in the new window choose Microsoft Graph and select Application permission.

    Adding API permissions

  • Now, expand the "DeviceManagementApps" tab and enable the following options.

    • DeviceManagementApps.Read.All
    • DeviceManagementApps.ReadWrite.All
    • DeviceManagementConfiguration.Read.All
    • DeviceManagementConfiguration.ReadWrite.All
    • DeviceManagementManagedDevices.Read.All
    • Device ManagementManagedDevices.ReadWrite.All
    • Group.Read.All
    • AuditLog.Read.All
    • GroupMember.Read.All
    • Directory.Read.All

    Adding API permissions
  • Once that's done, enable Group.Read.All option under Group toggle and click on Update permissions.

    Adding API permissions

  • Once done, click on Grant admin consent for to approve the new permissions, and select Yes wherever prompted to provide consent.

    Adding API permissions

Creating new client secret

  • Once the admin consent is granted to the application, it's time to create a new client secret. Navigate to Certificates & secrets and click on New client secret.

    Creating new client secret

  • Now, provide a description to the client secret, set the client secret to Never expire, and click on Add.

    Creating new client secret

  • Client secret for Patch Connect Plus has been successfully created. Copy and save the secret key in a secure location for future use.

    Create new client secret

  • Now, copy the Client ID and Tenant ID from Overview in the left pane.

    Client ID and Tenant ID

Intune configuration in Patch Connect Plus console

  • Once copied, now, from the machine where Patch Connect Plus is installed, open up the product's web console via a web browser. The URL should look like this: http://localhost:5020/
  • Once, the console is open, navigate to Admin --> Intune settings and paste the Client ID, Tenant ID, and Client security, and click on Save.

    • Intune-configuration

You have now successfully configured Application Management for MEM/Intune on the Patch Connect Plus console