Using InTune with Zscaler

Stevie
Contributor

Has anyone been able to get Microsoft InTune working with Zscaler or a proxy server? We have found that when Zscaler is enabled, the Jamf AAD never launches after the Company Portal has finished registering the device with the Azure portal. If we quit Zscaler and repeat the process the second login window is generated by Jamf AAD and the device is then fully enrolled into Intune.

I have passed a packet trace of the issue onto Zscaler for both setups. They have suggested a few SSL bypass setting for some Microsoft domains but as yet, they have been unable to solve the issue.

What SSL bypass rules have other people used on their firewall or proxy servers? Maybe everyone could post their setting for other people to use.

Zscaler have told us to enter the following SSL exemptions

.helpshift.com
.microsoft.com
.microsoftonline.com
login.windows.net
.microsoftonline-p.com
.jamfcloud.com

1 REPLY 1

petestanley
New Contributor III

We have InTune registration working with Zscaler enabled. Couldn't tell you our settings but was pretty frictionless - Didn't have to make any specific exceptions.