Configure Lookout & Microsoft Intune

Lookout’s mobile app, Lookout for Work, is installed and runs on mobile devices.

This app captures file system, network stack, and device and application telemetry where available, then sends it to the Lookout cloud service to assess the device’s risk for mobile threats. You can change risk level classifications for threats in the Lookout console to suit your requirements.

How to configure Lookout and Intune

First, the Microsoft Intune tenant needs to be prepared so that the integration between Microsoft Intune and Lookout can work. In the Intune portal, the relevant settings are under Third Party Service Integration, in Lookout Status.


Configure Groups

Create the following groups, either in your local Active Directory or directly in Azure AD:

Group name                         Purpose
Lookout Administrators             All Administrators for the Lookout Service
Lookout Restricted Administrators  Restricted Admin access to the Lookout service
Lookout Users                      All users that need Lookout for Work (enrollment group)

When using Lookout Administrators and Lookout Restricted Administrators, you need to provide the object ID of each of these Azure AD groups to the Lookout support desk.

After the groups are configured, add your tenant Global Admin to the Lookout Administrators group so that this account can configure the connection between Lookout MTP and Microsoft Intune.
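
The group setup above can also be scripted; the following is an added example, not part of the original post or of Lookout's documentation. It assumes the Microsoft Graph PowerShell SDK is installed and that the signed-in account may create groups; `globaladmin@contoso.example` is a placeholder for your own Global Admin's UPN.

```powershell
# Added example (assumption: Microsoft.Graph PowerShell SDK is installed).
Connect-MgGraph -Scopes 'Group.ReadWrite.All', 'User.Read.All'

# Group names and purposes as listed in the table above.
$groups = [ordered]@{
    'Lookout Administrators'            = 'All Administrators for the Lookout Service'
    'Lookout Restricted Administrators' = 'Restricted Admin access to the Lookout service'
    'Lookout Users'                     = 'All users that need Lookout for Work (enrollment group)'
}

# Placeholder (assumption): UPN of the tenant Global Admin.
$adminUpn = 'globaladmin@contoso.example'

$result = foreach ($name in $groups.Keys) {
    $existing = @(Get-MgGroup -Filter "displayName eq '$name'")

    # The connector's Enrollment Management takes a group display name,
    # so a duplicate name would make the enrollment scope ambiguous.
    if ($existing.Count -gt 1) {
        throw "More than one group is named '$name'; resolve the duplicate first."
    }

    if ($existing.Count -eq 1) {
        $group = $existing[0]
    } else {
        $params = @{
            DisplayName     = $name
            Description     = $groups[$name]
            MailEnabled     = $false
            SecurityEnabled = $true
            MailNickname    = ($name -replace '\s', '')
        }
        $group = New-MgGroup @params
    }

    [pscustomobject]@{ DisplayName = $group.DisplayName; ObjectId = $group.Id }
}

# Add the Global Admin to Lookout Administrators if not already a member.
$adminGroupId = ($result | Where-Object DisplayName -eq 'Lookout Administrators').ObjectId
$admin        = Get-MgUser -UserId $adminUpn
$members      = Get-MgGroupMember -GroupId $adminGroupId -All
if ($members.Id -notcontains $admin.Id) {
    New-MgGroupMember -GroupId $adminGroupId -DirectoryObjectId $admin.Id
}

# Object IDs of the two administrator groups are what Lookout support needs.
$result | Format-Table -AutoSize
```

The script is safe to re-run: existing groups and an existing membership are left as they are.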

Configure Lookout

The next step is to accept the consent that allows Lookout MTP to access Microsoft Intune. Lookout MTP needs the following permissions:

  • Send device threat information to Microsoft Intune.
  • Read directory data from Azure AD.
  • Access your organization’s directory.

Log in with the Azure AD Global Admin to https://aad.lookout.com/les?action=consent and accept the consent.

After the consent has been accepted, the connector can be set up in the Lookout MTP console.
Log in to the Lookout MTP console via http://aad.lookout.com and go to:

  • System > Connectors > Add Connector > choose Intune

After selecting Intune, the connector needs to be created. This can be done by clicking on Create Connector as shown in the figure below.

Users and their devices are discovered based on enrollment groups. These can be one or more Azure AD groups.
Once the connector has been created, click Enrollment Management, add the Azure AD group’s display name, and save changes.

Configure Intune

Next, we need to enable the connection in the Microsoft Intune console. Browse in the Microsoft Intune console to Admin > Third-Party Service Integration > Lookout Status.

Enable the Connect with Lookout MTP switch and watch for the status to change from Provisioned to Active.

More information about integration in the next posts.
