News Categories
Announcement (9) Amy Babinchak (64) Tips (1) SBS 2011 (6) Windows Essentials 2012 (4) Edwin Sarmiento (28) SQL Server (22) SQL Server 2012 (6) SQL Server Clustering (3) SQL Server Disaster Recovery (6) Windows Server 2008 Clustering (1) log shipping (1) Brian Higgins (3) Uncategorized (42) Hyper-V (67) Virtualization (13) Windows 8 (13) Cisco VPN Client (1) Windows Server 2012 (24) Friend of TT (4) Hangout (2) Office365 (4) DNS (8) Jeremy (7) Cliff Galiher (3) Active Directory (12) ClearOS (4) Linux (4) presentations (2) SQL PASS (6) Chris Matthews (4) Printers (2) SharePoint (8) SQL Server Administration (7) Windows PowerShell (3) recovery model (1) sql server databases (1) Dave Shackelford (7) SMB Nation (1) Steve (1) Boon Tee (5) Kevin Royalty (3) Lee Wilbur (2) Philip Elder (10) SMBKitchen Crew (31) Susan Bradley (15) AlwaysOn (1) AlwaysOn Availability Groups (4) readable secondaries (1) row versioning (1) undocumented (1) The Project (2) Webinar (3) Enterprise for SMB Project (9) Security (25) Remote Desktop Connection for Mac (1) Remote Desktop Services (8) Windows Server 2008 (1) Exchange (15) Powershell (6) Microsoft (15) Performance (7) data types (1) Server 2012 (1) monitoring (1) DevTeach (1) SQL Server High Availability and Disaster Recovery (5) Clusters (44) Hyper-V Server 2012 (2) Business Principles (26) Cost of Doing Business (13) DHCP (7) sbs (15) Windows Server (30) SMBKitchen (26) Windows Server 2008 R2 (4) StorageCraft (1) P2V (1) ShadowProtect (6) StorageCraft ShadowProtect (1) VHDs (1) Intel RAID (2) Intel Server System R2208GZ (1) Intel Server Systems (17) RAID (2) SAS (2) SATA (2) Server Hardware (12) Microsoft Licensing (2) OEM (2) System Builder Tips (4) Intel (5) Intel Channel Partner Program (4) Intel Product Support (10) Intel Server Boards (2) Intel Server Manager (2) Cloud (26) IT Solutions (2) On-Premises (20) SMB (9) WIndows Azure (2) StorageSpaces (1) Error (47) Error Fix (35) Intel Desktop Boards (2) Intel SSDs (2) SSD (2) Business Opportunity (17) Data Security (11) Identity Security (7) Information Security (14) Privacy (2) Intel Modular Server (6) Promise (2) Storage Systems (9) Live ID (2) Microsoft ID (4) User Profiles (2) Articles (2) Building Client Relationships (6) DBCC IND (2) DBCC PAGE (2) filtered indexes (2) SQL Server Index Internals (2) training (11) Adobe (3) Internet Street Smart (8) Intel Storage Systems (2) LSI Corp (2) LSI SAS6160 Switch (2) Storage Spaces (7) Firmware Update (2) Product Support (7) Hybrid Cloud Solutions (3) Server Core (2) MAXDOP (1) SharePoint 2013 (1) SharePoint best practices (1) SQL Server Authentication (1) Family (5) Alternatives (1) SBS 2011 Standard (4) Microsoft Small Business Specialist Community (2) Microsoft Surface (2) SBSC (2) Networking (4) Availability Groups (3) CANITPro (1) HA/DR (1) Step-By-Step: Creating a SQL Server 2012 AlwaysOn Availability Group (1) webcast (1) VMWare (2) Conferences (2) Client Focus (2) Disaster Recovery (6) Error Workaround (8) Troubleshooting (4) Logitech (2) Product Review (7) Windows Features (4) XBox Music (2) SBS 2008 All Editions (4) MDOP (2) Microsoft Desktop Optimization Pack (2) Software Assurance (2) W2012E (6) Windows Server 2012 Essentials (6) Internet Explorer (3) USB 3.0 (2) USB Hard Drive (2) Bug Report (2) Microsoft Office 365 (5) sharepoint online (2) BitLocker (2) Windows (2) Microsoft Update (3) Swing Migration (2) Windows Update (4) Outlook (2) Group Policy (9) WS2012e (2) WSUS (3) Office (3) Microsoft Downloads (5) Microsoft Office (3) DRP (3) Virtual Machines (2) Virtual Server Hardware (2) online course (1) SQL Server learning (7) 2 Factor Authentication (2) 2FA (2) PASS Summit 2013 (4) SQLPASS (5) Contest (1) e-learning (1) Udemy (1) smbtechfest (1) backups (2) PASS Summit First Timers (3) IIS (2) RD Gateway (4) RD RemoteApp (2) RDWeb (4) Remote Desktop Connection (2) Remote Web Access (2) Remote Web Workplace (2) Cryptolocker (6) Backup (4) Restore (2) CryptoLocker (1) AuthAnvil (1) SBS 2003 (1) SBS Migration (1) Windows Server 2012 R2 (9) Documentation (1) IE 11 (4) testimonials (11) SQL Server 2008 (1) Best Practices (1) Support (1) Intel Xeon Processor (1) RemoteApp (1) Android (1) iOS (1) Hyper-V Replica (2) PowerShell (2) SBS (3) Break (1) Business Intelligence (1) Excel 2013 (1) Power Map (1) Power Query (1) PowerBI (1) MultiPoint (2) Surface (1) Net Neutrality (1) Opinion (2) ASP (9) HP (2) Scale-Out File Server (8) SOFS (10) Windows Phone (1) Updates (1) Intel NUC (1) Intuit (1) QuickBooks (1) Office364 (1) Intel Server Systems;Hyper-V (1) Firewall (1) Patching (1) Mobile (1) Mobility (1) sharepoint (1) Microsoft Security (1) Beta (1) Storage Replication (1) outlook (1) Hyper-V Setup (3) JBOD (1) Azure (1) PCI (1) PCI DSS (1) PII (1) POS (1) MicroStaff (2) Catherine Barr (2) Third Tier (1) BeTheCloud (1) BrainExplosion (1) LookAWhale (1) Manuel (1) Rayanne (3) SuperSecretNews (1) TechYourBooks (3) Managed Services (1) Training (1) E-mail (1)
RSS Feed
News
Sep
6
Use Intune to remove a forgotten iPhone passcode
Posted by Amy Babinchak on 06 September 2018 11:16 AM

Recently I applied a new compliance policy to our corporate iPhones. This included the requirement that the passcode be changed occasionally. The time came to change my passcode. It was late at night. I typed in something twice and successfully changed it. However, in the morning the passcode I thought I had typed was not working. Obviously in my sleepy state I had successfully entered something else twice. Oh Joy.

My phone gave me a few tries with wait times between each one then a warning that if I reached 10 failures that I would have to reset the phone. For me setting up a new phone is like getting a new computer. I have a lot of apps, data and photos. Far more than the iCloud backup will hold so I knew I would be losing stuff. Probably not critical things but enough to be annoying.

Then I remembered seeing something in Intune that might do the trick.

Joining your phone to Intune

 

Your phones, whether personal or corporate need to have registered with Intune first or you won’t be able to do this. Fortunately mine was so I could immediately use the Remove Passcode feature of Intune. (see the next section)

To register your phone with Intune each phone will need to download and install the app Company Portal from the iTunes store. Once installed they will need to login with their Office 365/AzureAD account and then accept a bunch of prompts which will download the management profile.

This does not mean that the corporation now has access to everything on your phone. That will depend on the policy that the corporation has set for personally owned devices. Most often the corporation is only concerned about helping you configure your email profile, keeping the device up to date and being able to help you can back into it should you get locked out. Your situation may vary so before you join your phone make sure you know what the policy is.

The Company Portal app will walk you through the process. Basically you have to login, install the management profile and then adjust any settings that are required by your organization. There are a bunch of screens that are required to make this happen, perhaps 20+ but it’s really not complicated. Below I’ve highlighted the most significant steps.

Log in using your Office 365/Azure AD credentials and accept the terms of service.

Company portal app accept the terms

Next you’ll get a couple of screens that describe what is going to happen. You’ll continue along and install the management profile.

Company portal what's going to happen nowcompany portal app install the management profile

A certificate from Apple will be installed. Be sure to install it and then Trust it as prompted. Finally you will need to bring your phone up to the current OS version and perhaps tweak a few settings. The app will let you know which ones and take you there.

Company portal app allow remote managementcompany portal app update settings

You can click Check settings and the How to resolve this link to get instructions for what change is needed on your phone. Most often it will be that you need to set a more complex passcode to gain access to your phone than you are currently using. Eventually, you are Done!

Don’t worry it is far more complex to show all of the screenshots and explain the process than it is to do. When everything is showing pretty green checks hit that Done button.

   company portal update the phonecompany portal all green checks

How to remove the passcode using Intune

Log into https://portal.azure.com with an admin account. Launch Intune. Navigate to Device/All Devices and then select the phone that you want to remove the passcode on.

Press the Remove passcode button at the top of the page. It took my phone less than a minute before the passcode was gone. Then within another minute the Intune policy for my phone kicked in and I was asked to create a passcode. Voila, new passcode. This time created with a clear and awake brain.

_____________________________

About Third Tier

Open a ticket with us! Established in 2008, Third Tier only works for IT Professionals by providing them with access to advanced support services. No one can know it all these days, so we give IT pros a place to go to get the hands on support they need in areas they normally don’t work in or problems they’ve never encountered. We also work on projects, fix their accounting practices and do many, many migrations and other installations. Our staff covers a wide range of technologies.

Website: http://www.thirdtier.net

Helpdesk: https://helpdesk.thirdtier.net

Blog: http://www.thirdtier.net/blog


Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below. This is required to prevent automated registrations and form submissions.

Help Desk Software by Kayako Fusion