Migrating an Intune on-premises Enrollment Gateway to an Entrust-hosted Enrollment Gateway

See below for migrating Intune enrollment from a customer-hosted Enrollment Gateway to an Entrust-hosted Enrollment Gateway.

To migrate Intune enrollment to an Entrust-hosted Enrollment Gateway

1. Deploy an Entrust-hosted Enrollment Gateway as explained in Configuring Intune automation in Entrust Certificate Services.

2. In Microsoft Endpoint, replace the SCEP Server URLs of all your Intune SCEP configuration profiles with the values described in Getting the Intune Service URL.

3. Test and validate the new Entrust-hosted Intune service.

4. If the customer-hosted Enrollment Gateway was only used for Intune enrollment, remove it as explained in Deleting an on-premises Certificate Enrollment Gateway. Otherwise, if still used for other enrollment protocols (such as ACME, SCEP, or WSTEP):

   • Disable Intune enrollment in the customer-hosted Enrollment Gateway configuration.

   • DO NOT remove the customer-hosted Enrollment Gateway from the Entrust Certificate Services portal.