edits

deadlypants1973 · deadlypants1973 · commit 1a83d712bd6f · 2025-09-26T16:12:04.000+01:00
diff --git a/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/partners/intune.mdx b/src/content/docs/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/partners/intune.mdx
@@ -133,8 +133,11 @@ Deploy configuration profiles (steps 1, 2, and 3) before the WARP application (s
 You must deploy a [user-side certificate](/cloudflare-one/connections/connect-devices/user-side-certificates/) so that devices managed by Intune can establish trust with Cloudflare when their traffic is inspected.
 
 1. Log into [Zero Trust](https://one.dash.cloudflare.com/).
+
 2. Go to **Settings** > **Resources** > under **Certificates**, select **Manage**.
+
 3. Find your [certificate](/cloudflare-one/connections/connect-devices/user-side-certificates/) and select the three dot icon next to it > select **Download .crt**.
+
 4. In the [Microsoft Intune admin center](https://intune.microsoft.com) > go to **Devices** > select **macOS**.
 
 	![Intune admin console where you select macOS before creating a policy](~/assets/images/cloudflare-one/connections/intune/devices-macos.png)
@@ -144,11 +147,17 @@ You must deploy a [user-side certificate](/cloudflare-one/connections/connect-de
 	![Intune admin console where you will create a new policy](~/assets/images/cloudflare-one/connections/intune/manage-devices-configuration.png)
 
 6. Select **Create** > **New Policy**.
+
 7. For **Profile Type**, select _Templates_ > select **Trusted certificate** as the **Template name** > select **Create**.
+
 8. In **Basics**, input the necessary field(s) and give your policy a name like "Cloudflare certificate" > select **Next**.
+
 9. For **Deployment Channel**, select **Device Channel**.
+
 10. Upload your file (Intune may request `.cer` format, though `.crt` files are also accepted) > select **Next**.
+
 11. In **Assignments**, select an option (for example, **Add all devices** or **Add all users**) that is valid for your scope. This will be the same scope for all steps. Select **Next**.
+
 12. Review your configuration in **Review + create** and select **Create**.
 
 Sharing this certificate with Intune automates the installation of this certificate on your user devices. Creating trust between browsers on a user's device and Cloudflare.
@@ -158,13 +167,21 @@ Sharing this certificate with Intune automates the installation of this certific
 Before deploying WARP, you need to allow its system extensions.
 
 1. In the [Microsoft Intune admin center](https://intune.microsoft.com) > go to **Devices** > **macOS**.
+
 2. Under **Manage devices**, select **Configuration**.
+
 3. Select **Create** > **New Policy**.
+
 4. For **Profile type**, select _Settings catalog_ > select **Create**.
+
 5. In **Basics**, input the necessary field(s) and give your policy a name like "WARP System Extensions" > select **Next**.
+
 6. In **Configuration settings**, select **Add settings**.
+
 7. In the **Settings picker**, search for **System Extensions** under System Configuration.
+
 8. Enable **Allowed System Extensions**.
+
 9. Select **Edit instance** and add:
 
 	- Bundle Identifier: `com.cloudflare.1.1.1.1`
@@ -173,8 +190,11 @@ Before deploying WARP, you need to allow its system extensions.
 	![Intune admin console where you enter team identifier and bundle identifier](~/assets/images/cloudflare-one/connections/intune/intune-bundle-team-identifier.png)
 
 10. Select **Save**.
+
 11. In **Scope tags**, select **Next**.
+
 12. In **Assignments**, select an option (for example, **Add all devices** or **Add all users**) that is valid for your scope. This will be the same scope for all steps. Select **Next**.
+
 13. Review your configuration and select **Create**.
 
 This step allows WARP to install without user interaction. By completing this step, you allow WARP to install and manage its required system extensions without end-user prompts.
@@ -231,7 +251,9 @@ This step allows WARP to install without user interaction. By completing this st
 	</plist>
 	```
 2. Open your macOS Terminal and run `uuidgen`. This will generate a value for `PayloadUUID`. Use this value to replace the default value (`YOUR_PAYLOAD_UUID_HERE`) used in the template (three locations total).
+
 3. Update your organization's string (`YOUR_TEAM_NAME_HERE`) with your [team name](/cloudflare-one/faq/getting-started-faq/#what-is-a-team-domainteam-name).
+
 4. Modify the file with your desired [deployment parameters](/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/parameters/).
 	```
 	<array>
@@ -245,14 +267,23 @@ This step allows WARP to install without user interaction. By completing this st
 	Start by deploying the template in its default, minimal form. This helps you verify a successful deployment before adding custom parameters.
 	:::
 5. In the [Microsoft Intune admin center](https://intune.microsoft.com) > go to **Devices** > **macOS**.
+
 6. Under **Manage devices**, select **Configurations**.
+
 7. Select **Create** > **New Policy**.
+
 8. For **Profile Type**, select _Templates_ > select **Custom** as the **Template name** > select **Create**.
+
 9. In **Basics**, input the necessary field(s) > select **Next**.
+
 10. In **Custom configuration profile name**, input a name.
+
 11. For **Deployment Channel**, select **Device Channel**.
+
 12. Under **Configuration profile file**, upload your `.mobileconfig` file that you made in your text editor in step one > select **Next**.
+
 13. In **Assignments**, select an option (for example, **Add all devices** or **Add all users**) that is valid for your scope. This will be the same scope for all steps.
+
 14. Review your configuration and create your policy.
 
 By completing this step, you preconfigured WARP with your team settings so it connects automatically upon installation.
@@ -264,19 +295,28 @@ Complete Step 4 one hour after steps 1, 2, and 3 so clients have enough time to
 :::
 
 1. Log into [Zero Trust](https://one.dash.cloudflare.com/).
+
 2. Go to **Settings** > **Resources** > find macOS under **Download the WARP client** > select **Download release**.
 
 	You will be taken to the WARP documentation on [stable releases for macOS](/cloudflare-one/connections/connect-devices/warp/download-warp/#macos) and download a `.pkg` file.
+
 	:::note[Repeat this step to update WARP when a new release is available]
 	Every time WARP releases a new version, you must repeat this process and get a new `.pkg` file for the new WARP version.
 	:::
 3. Log into the [Microsoft Intune admin center](https://intune.microsoft.com) > **Apps** > **MacOS**.
+
 4. Select **Create**.
+
 5. For **App type**, select _macOS app (PKG)_.
-6. In **App information**, select the `.pkg` file you downloaded and input required details. Publisher is cloudflare.
+
+6. In **App information**, select the `.pkg` file you downloaded and input required details. Enter "Cloudflare" as the Publisher.
+
 7. In **Requirements**, refer to the OS versions listed in [stable releases for macOS](/cloudflare-one/connections/connect-devices/warp/download-warp/#macos) and find what matches for you.
+
 8. In **Detection rules**, note that the WARP package will have filed in the App bundle ID and App version.
+
 9. In **Assignments**, select an option (for example, **Add all devices** or **Add all users**) that is valid for your scope. Select **Next**.
+
 10. Review your configuration in **Review + create** and select **Create**.
 
 By completing this step, you deliver the WARP client to targeted macOS devices, either automatically (assignment scope set as **Required**) or on-demand (assignment scope as **Available**) through your company portal.
