Connecting to Intune

What evidence does this connector collect?

ControlMap connects to Intune to collect the following as evidence:

  1. List of users, their MFA status, and the employee email associated with the account from the MS Intune application. 
  2. List of assets configured and their owners from MS Intune.

 

What compliance checks does this connector collect?

  1. All user accounts in MS Intune are assigned an employee / owner
  2. Each device in MS Intune has an owner assigned
  3. MS Intune admins have MFA enabled
  4. MS Intune users have MFA enabled
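The four checks above can be reproduced over an exported user and device list to cross-check what the connector reports. The following is an added example, not ControlMap's own code: the record layout, field names and sample data are constructed assumptions, and admin accounts are assumed to be reported under the admin check only.

```python
# Added example: field names and records are constructed assumptions,
# not ControlMap's or Intune's actual schema.
USERS = [
    {"account": "a.rivera@example.com", "employee_email": "a.rivera@example.com",
     "is_admin": True, "mfa_enabled": True},
    {"account": "svc-backup@example.com", "employee_email": "",
     "is_admin": False, "mfa_enabled": False},
    {"account": "j.chen@example.com", "employee_email": "j.chen@example.com",
     "is_admin": True, "mfa_enabled": None},   # MFA status unknown
    {"account": "m.okafor@example.com", "employee_email": "m.okafor@example.com",
     "is_admin": False, "mfa_enabled": True},
]
DEVICES = [
    {"device": "LAPTOP-001", "owner": "a.rivera@example.com"},
    {"device": "LAPTOP-002", "owner": None},
    {"device": "PHONE-003", "owner": "  "},    # whitespace-only owner
]


def _blank(value):
    """True when a field is missing, None, empty or whitespace only."""
    return value is None or not str(value).strip()


def evaluate(users, devices):
    """Return {check name: sorted failing identifiers}; an empty list is a pass."""
    findings = {
        "accounts_have_employee": [],
        "devices_have_owner": [],
        "admins_have_mfa": [],
        "users_have_mfa": [],
    }
    for u in users:
        if _blank(u.get("employee_email")):
            findings["accounts_have_employee"].append(u["account"])
        # Only an explicit True passes: False, None or a missing status fails.
        if u.get("mfa_enabled") is not True:
            key = "admins_have_mfa" if u.get("is_admin") else "users_have_mfa"
            findings[key].append(u["account"])
    for d in devices:
        if _blank(d.get("owner")):
            findings["devices_have_owner"].append(d["device"])
    return {name: sorted(failing) for name, failing in findings.items()}


if __name__ == "__main__":
    for check, failing in evaluate(USERS, DEVICES).items():
        print(f"{check}: {'PASS' if not failing else 'FAIL ' + ', '.join(failing)}")
```

Treating an unknown MFA status and a whitespace-only owner as failures keeps incomplete records from passing silently.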

 

How to connect?

 

You can connect to MS Intune by providing the tenant ID of your MS Intune instance. The tenant ID can be found at the following address after logging in as an admin:

https://endpoint.microsoft.com/#settings/directory

 

Note the tenant ID of the Current directory.

 


 

Once you have the tenant ID, enter it in the ControlMap connection screen and follow the prompts to authorize ControlMap to access your company's Intune environment.

 

Step 1 -> Provide the tenant ID in your connection settings screen and click Connect To Intune.

 


 

Step 2 -> Grant ControlMap the required authorization to fetch information from Intune.

 

 


 

Permissions required from Intune for the integration to function as intended:

 

 

[Screenshot: required permissions]

 

 

 

Why do I see an UNVERIFIED message?

 

The ControlMap application is not published by Microsoft, and ControlMap is not a Microsoft partner, so an unverified message is displayed by default. ControlMap is working with Microsoft Support to find other ways, such as domain authentication, to clear that message.