Whilst at a customer’s site recently, I was asked to look into an error they were receiving whilst attempting to add an Intune subscription to ConfigMgr 2012 SP1.
In the ConfigMgr 2012 SP1 console:
Right click Windows Intune Subscriptions:
Create Windows Intune Subscription:
Enter Intune credentials
And here we got the error
The credentials that were used to log in were the same used to create the Intune account, so there should not be a permissions issue.
Logging in to the Intune Admin Console verified the credentials were ok.
I checked who Intune thought was the Mobile Device Management Authority and this suggested the cause of the problem.
ConfigMgr was not allowed to be the Mobile Device Management authority for the subscription which resulted in the “access denied” error.
When the Mobile Device Management authority is not set in the Intune Admin Console
The Intune subscription is successfully created in the wizard and, to continue, ConfigMgr 2012 SP1 must be allowed to manage the subscription; in other words,be authoritative.
Once this is ticked, the wizard successfully continues.