Windows Intune Direct Management and Windows RT 8.1

So here we are, 9 months have passed since my last blog post, I feel like it was a decade ago and that I wouldn’t have anything else to talk about on my blog anymore, or maybe just don’t want to blog anymore. But Microsoft did its magic once again, 2 weeks ago I was in Redmond for the MVP Global Summit where I purchased a Microsoft Surface 2 that comes preloaded with Windows RT 8.1.

I decided to try to use it as my primary machine for several days and since I’m now mostly using Microsoft Office and accessing my VMs on Windows Azure, it was sufficient and I honestly don’t think I need more than this little device is offering. I was happy …

But then I decided to be part of the MVP Community Roadshow this year again and talk about Windows Server 2012 R2, System Center 2012 R2, Windows Intune and Windows 8.1 and I said to myself that it could be nice to demo my brand new Surface 2 tablet joined to a Windows Intune Workplace, so I set up a Windows Intune Trial account, activated the Mobile Device Direct Management as described here and then tried to enroll my tablet, of course it didn’t work.

the issue in my scenario was that I didn’t have a public DNS domain and then I couldn’t publish a CNAME alias as described here and it looked OK since there’s a chapter saying that this is optional if you instruct your users to specify the windows intune management server at enrollment time. But here’s the catch, as stated in this other guide, the DNS alias is now mandatory with Windows 8.1 and Windows RT 8.1

Since I was not able to do this, I tried to trick Windows into thinking that the DNS alias was existent by  … editing the HOSTS file in the C:\Windows\System32\Drivers\Etc directory. This file allow you to manually and locally associate an FQDN with an IP address. therefore I added an entry like this

the alias must be, where of course you replace by whatever domain name is registered on your Windows Intune console. This alias needs to point to, as you can see in the screenshot, instead of using this as a target I used the IP address because the HOSTS file only allows to associate IP address and FQDN.

I then tried again to join my Surface 2 running Windows 8.1 to the Windows Intune workplace and …

 If you are in New York on Thursday, come to my MVP roadshow session on Unified Device Management, RSVP link is here :


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s