Register an Application in Microsoft Entra ID

1. Navigate to the Microsoft Azure Portal.
2. Proceed to Microsoft Entra ID > App registrations and select New registration.
3. Register a new application. Securely note the following generated values:
1. Application (client) ID
2. Directory (tenant) ID
4. Generate a Client Secret for authentication.
5. Configure a Redirect URI (platform: Web) as provided by Lenovo.
6. Grant the necessary Microsoft Graph API permissions (e.g., DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All) to the application and grant admin consent.

Configure the Microsoft Intune Connector in LDM

1. In the LDM console, navigate to Policy Management > Feature Settings > Connectors.
2. Locate and select Manage Connector for Microsoft Intune.
3. In the configuration pane, enter the following credentials:
1. Directory ID (Tenant ID)
2. Application ID (Client ID)
3. Client Secret
4. Select Connect to establish the integration.

Synchronize Microsoft Intune Groups

1. From either Policy Management or Device Management in LDM, select the option to Sync Intune Groups.
2. A list of available groups from Intune will be displayed (up to 100 groups).
3. Select the desired groups and initiate synchronization.
   

This process creates the group structure within LDM but does not synchronize individual member details.

Enroll and Configure Devices in Microsoft Intune

1. Ensure the Company Portal app is installed on the target Windows devices.
2. Instruct users to sign into the Company Portal with their corporate credentials and complete the enrollment process.
3. Verify that the devices appear as successfully enrolled in the Microsoft Intune admin center. Please allow up to 30 minutes for the enrollment status to propagate.

Deploy the Lenovo UDC Provisioning Pack via Intune

1. Within the Lenovo Device Management portal, download the UDC provisioning pack (organization-setup.intunewin).
2. In the Microsoft Intune admin center, add a new Windows app of the Win32 type.
3. Upload the organization-setup.intunewin file.
4. Configure the installation settings:
1. Install command: install.cmd
2. Uninstall command: uninstall.cmd
5. Configure the detection rules to ensure accurate installation reporting. Assign the application to the required device groups.

Onboard Devices to Lenovo Device Management

1. In the Lenovo Device Management portal, navigate to the device onboarding section.
2. Enter the App ID from the relevant Intune application deployment.
3. Select the target devices for onboarding.
4. The device status will initially appear as Pending. Once the UDC provisioning pack is successfully installed and registers with the LDM service, the status will change to Onboarded.

1. Provisioning Pack Validity: The generated Lenovo UDC provisioning pack is currently valid for 24 hours. This duration is subject to change in future releases.
2. Synchronization Timing: Synchronization of data between Microsoft Intune and Lenovo Device Management typically occurs within 10 to 30 minutes. In larger environments, this process may take longer.
3. Pre-claimed Devices: Devices that were already claimed directly in Lenovo Device Management prior to their enrollment in Microsoft Intune may not onboard successfully through this process. It is recommended to use a unified enrollment path.