When a Windows device is joined to Azure Active Directory, the device can be automatically enrolled in XenMobile. To enable this, add the XenMobile enrollment URL to Azure Active Directory as detailed in this article. You can join Windows 10 devices to Microsoft Azure AD in any of the following ways:

·         Enroll in MDM as part of Azure AD Join out-of-the-box the first time the device is powered on.

·         Enroll in MDM as part of Azure AD Join from the Windows Settings page after the device is configured. This feature is not available on Windows 10 Phones.

·         Enroll in MDM as part of Azure AD Join as part of adding a work account on a personal device.

Instructions

Pre-requisites

• You have a Microsoft Azure Active Directory premium license.
• You have a XenMobile server up and running.
• You have a Windows 10 enterprise edition of computer. 

Creating MDM App in Azure Active Directory

1.	Login to Azure Portal.(https://portal.azure.com), post login from the left hand side select theAzure Active Directory > Mobility (MDM and MAM).
2.	From Add an application pane, click on On-Premise MDM application.
3.	Provide the Name of the application and click Add.
4.	Select the Application that you have created. Under Configure pane, select the targeted MDM User group, provide the MDM Terms of User URL as “https://<XMS Enrollment FQDN>:8443/zdm/wpe/tou“and MDM Discovery URL as “https:// <XMS Enrollment FQDN>:8443/zdm/wpe” and then save the config. Now click on “On-Premise MDM application settings”
5.	In the Properties pane, set the APP ID URL as “https:// <XMS Enrollment FQDN>:8443” and note the Application ID (which you will be using it as Client ID in XenMobile configuration) Note: This App ID URI is a unique ID which you will not be allowed to used again in any other app.
6.	Click on Keys tab to create the authentication key by providing the Description and Expiry, Save the configuration to view the key value. Note: Key will be only shown once, upon saving the config.
7.	Tenant ID can be found in the Help (?) > Show Diagnostic page Now Look for the Tenant ID in the Pop up page.

Managing Azure in XenMobile Server

	Login to XenMobile Server. Post login, click on Setting and then click on Microsoft Azure.
2.	Provide the App ID URL, Tenant ID, Client ID and Key that you collected from the previous steps and then Save it.   App ID URI : “https://<XMS Enrollment URL>:8443" Tenant ID : You will get this value from the step 7 of the previous section. Client ID : You will get this value from the step 5 of the previous section. Key : You will get this value from the step 6 of the previous section.
3.	You will need to push the Terms and Conditions policy, post login to XenMobile server Navigate to Configure > Device Policies > Add > Terms and Conditions.

	Login to Windows Enterprise edition Computer and open Settings > Accounts > Access work or School and then click on Connect.
2.	From the "Set up a work or school account" pane select the Alternative action to “Join this device to Azure Active Directory”.
3.	Provide the AAD credentials and Sign In.
4.	Accept the Terms and Conditions set by your enterprise.
5.	Click Join to proceed with the enrollment process. Click Done to complete the enrollment process.