Merge pull request #461 from smallstep/josh/ws1-script-assignment

joshdrake · web-flow · commit ede2630567c6 · 2025-12-08T11:44:54.000-06:00
Workspace ONE script assignment
diff --git a/tutorials/connect-intune-to-smallstep.mdx b/tutorials/connect-intune-to-smallstep.mdx
@@ -1,5 +1,5 @@
 ---
-updated_at: November 06, 2025
+updated_at: November 18, 2025
 title: Connect Intune to Smallstep
 html_title: Connect Microsoft Intune to Smallstep Tutorial
 description: Connect Microsoft Intune to Smallstep for Windows device identity. Step-by-step guide for enterprise device trust with MDM integration.
@@ -132,7 +132,7 @@ In this step, we’ll tie everything together by creating Windows policy to enro
     3. Download the Intermediate Certificate
     4. Copy and temporarily save the **SCEP server URL** shown on the page, eg. `https://agents.example.ca.smallstep.com/scep/integration-intune-b967f507`
 2. Visit [Team Settings](https://smallstep.com/app/?next=/settings/team)
-    1. Copy and temporarily save the **Team ID** value
+    1. Copy and temporarily save the **Team Name** and **Team ID** values
 
 ### 6. Create a Policy in Intune
 
@@ -161,11 +161,11 @@ In this step, we’ll tie everything together by creating Windows policy to enro
             2. Team Slug: (paste the Team ID you saved earlier)
             3. Certificate URI:
                ```
-               capi:store-location=machine;store=My;issuer=Smallstep (<TeamSlug>) Agents Intermediate CA;cn=step-agent-bootstrap
+               capi:store-location=machine;store=My;issuer=Smallstep (<team-name>) Agents Intermediate CA;cn=step-agent-bootstrap
                ```
-               Replace `<TeamSlug>` in the “Certificate URI” with your team’s slug.
+               Replace `<team-name>` in the “Certificate URI” with your full team name.
                If your team was created before October, 2024,
-               your issuer CA may have a common name without the team slug ("Smallstep Agents Intermediate CA").
+               your issuer CA may have a common name without the team name ("Smallstep Agents Intermediate CA").
                Not sure? Check your [Authority list](https://smallstep.com/app/?next=/cm/authorities).
             4. Leave the other settings as is.
             5. Choose “OK”
diff --git a/tutorials/connect-workspace-one-to-smallstep.mdx b/tutorials/connect-workspace-one-to-smallstep.mdx
@@ -69,7 +69,7 @@ Within a few minutes after adding the connection, you should see all of your Wor
 2. Choose **Add** and then **Windows**
     1. In the General tab, provide a name for the script, such as “Smallstep Agent Enrollment”
     2. On the Details tab, ensure the **Language** is “Powershell” and the **Execution Context & Privileges** is “System Context”
-    3. Use the following snippet as the **Code**, making sure to replace `<team-id>` with the Team ID value you copied from the Smallstep UI earlier.
+    3. Use the following snippet as the **Code**, making sure to replace `<team-id>` with the Team ID value you copied from the Smallstep UI earlier. `<team-name>` should be replaced with your full Team name shown in the Smallstep dashboard.
         
         ```xml
         $RegistryPath = "HKLM:\Software\Policies\Smallstep"
@@ -79,13 +79,18 @@ Within a few minutes after adding the connection, you should see all of your Wor
         }
 
         Set-ItemProperty -Path "HKLM:\Software\Policies\Smallstep" -Name "TeamSlug" -Value "<team-id>"
-        Set-ItemProperty -Path "HKLM:\Software\Policies\Smallstep" -Name "Certificate" -Value "capi:store-location=machine;store=My;issuer=Smallstep (<team-id>) Agents Intermediate CA;cn=$env:DEVICE_ID"
+        Set-ItemProperty -Path "HKLM:\Software\Policies\Smallstep" -Name "Certificate" -Value "capi:store-location=machine;store=My;issuer=Smallstep (<team-name>) Agents Intermediate CA;cn=$env:DEVICE_ID"
         ```
         
        If your team was created before October, 2024,
        your issuer CA may have a common name without the team slug ("Smallstep Agents Intermediate CA").
        Not sure? Check your [Authority list](https://smallstep.com/app/?next=/cm/authorities).
-    4. In the Variables tab, click **Add**. Set the variable **Key** to `DEVICE_ID` and the variable **Value** to `{DeviceUuId}` 
+    4. In the Variables tab, click **Add**. Set the variable **Key** to `DEVICE_ID` and the variable **Value** to `{DeviceUuId}`
+    5. Click **Save** to save the script.
+    6. Select the newly created script and click the **Assign** button.
+    7. Name the assignment as desired and select the appropriate Smart Group. Click **Next**.
+    8. For **Deployment**, select "Run Once Immediately" for the **Triggers**. Click **Add**.
+    9. Click **Save and Publish**. Click **Publish** on the additional prompt if one is shown.
 
 ### 4. Deploy and configure the Smallstep Agent
 
