Configuring the NDES Connector for Microsoft Intune can be painful on a vanilla Windows Server 2016. After installing the NDES connector successfully you need to establish the connection with your Microsoft Intune tenant.

While trying to sign in you end up in an endless loop, every time you end up with a new login. Since the connector is using the Internet Explorer APIs the new security features in Windows Server 2016 could be causing the issue of not being able to connect to Intune.

NDESConnectorUI.log file

When using Internet Explorer to login to the Azure or Office 365 Portals learns that this is also not going as smooth as it should be. While troubleshooting this issue I was a nice article on TuneComp pointing me to the right direction.

The IE Enhanced Security Configuration needs to be disabled to be allowed to activate the NDES Connector. So, if you start the Server Manager and open Local Server you see the IE Enhanced Security Configuration set to On. Click On.

Server Manager on Windows Server 2016

Turn off IE Enhanced Security Configuration for Administrators and/or for Users and click OK. Turning it off of the Administrators should do the trick for activating/enrolling the NDES Connector.

Configure the options

After turning off the IE Enhanced Security Configuration, logging in the Intune service to enroll with your Microsoft Intune NDES Policy Module Connector works like a charm.

Enrolling NDES Connector successful completed

After the configuration is done and the NDES Connector is up and running, and tested you should be able to enable the IE Enhanced Security Configuration again.

Comments