Your browser (Internet Explorer 6) is out of date. It has known security flaws and may not display all features of this and other websites. Learn how to update your browser.
X
Aside

Hotfix: ConfigMgr 1511 and Mac Management

The bug I previously blogged about has been addressed in a hotfix. It’s also confirmed to be fixed in the upcoming 1602 release when that goes live. This only affects you if you are using native Mac management and also using Intune in a hybrid environment.

Read about and download the hotfix here.

Aside

Gotcha: ConfigMgr 1511 and Mac Management

Little bit of a bug with System Center Configuration Manager current branch (1511) when you are using Microsoft Intune in a hybrid configuration and also are using native Mac management (HTTPS/PKI). 

If you are managing Mac’s through MDM (supported with 1511 and Intune hybrid) then this would not apply to you.

If you have a Terms & Conditions policy created, then your Mac devices will not finish enrolling properly. Unfortunately, the T&C doesn’t even need to be deployed, the policy just needs to exist.  You will be able to install the Mac client and complete the enrollment process, however the Mac devices will never show up in the ConfigMgr console.  It appears to an issue in processing the mobile policies (as Mac devices are treated as mobile devices). 

By deleting the Terms and Conditions, your Mac devices will finish enrolling and will show up in the console shortly there-after. 

Video

Tech Talks: Microsoft Intune Conditional Access

The next video in my Tech Talks series is now live. This time we are covering Conditional Access with Microsoft Intune.

 

Aside

Microsoft Intune: Day Zero Support for iOS 9 with Intune

Excellent post detailing the new iOS 9 features that will be available in Intune shortly.

Highly recommended reading.

Earlier today Apple released the final version of iOS 9 to developers worldwide (with public release set for Sept 16, and a new iOS 9.1 beta drop available). Over the past few months, we have been busy working to ensure that Intune is fully compatible with this latest version of Apple’s mobile operating system, and we are happy to announce that Microsoft Intune has Day 0 support for managing iOS 9 devices. All the existing Intune features currently available for managing iOS devices will continue to work seamlessly as users upgrade their devices to iOS 9. As a member of the Intune Product Engineering team that works closely with Apple on support for its platforms, I want to share insights into some of the new iOS 9 features for IT and the Enterprise and how they are supported in Microsoft Intune. As we continuously update the Intune service, you will begin to see these new features and many more.

Aside

Microsoft Intune: Intune and EMS subscriptions now available in the Office 365 portal!

Nice update to the o365 portal to make management easier.

Read the full post here.

We have received feedback from you asking for fewer portals to manage your Microsoft subscriptions. Based upon this feedback, we are merging the Microsoft Intune account portal with the Office 365 management portal to simplify your user experience.

As an initial change, the Office 365 management portal now supports subscription management and license assignment for Intune and Enterprise Mobility Suite (EMS). Until late September, you can continue to use the Intune account portal while you update your workflows and bookmarks. Following this transition period, the Office 365 management portal will be where you will manage subscriptions and license assignments. We anticipate retiring the Intune portal on or after September 28, 2015 and an in-service banner will be added to remind you of this change.

For EMS customers who previously visited the Azure portal for user creation and license assignment, you can continue to use the Azure portal to take advantage of advanced features such as group license assignment. Alternatively, you can begin assigning licenses while already managing other subscriptions in the Office 365 management portal. There are no changes to the Azure portal or the Intune admin console as part of this migration.

 

Aside

Intune: New Features

Latest batch of Intune features was announced, read the original post here.

New Microsoft Intune features and enhancements will be released over the next week. Building on the Intune management capabilities for Windows 10 that were announced in May, this service update adds support for creating and deploying Windows 10 configuration policies and VPN profiles using new Windows 10-specific templates. Additionally, as detailed on the Active Directory team blog, you can now automatically enroll Windows 10 devices into Intune device management using Azure AD join.

In addition to these new Windows 10 management capabilities, this Intune service update includes several other features and enhancements, such as:

Deployment of certificates in .pfx format: You can deploy certificates in Personal Information Exchange (.pfx) format to Windows 10 and Android devices without need for Network Device Enrollment Service (NDES).

  • Multi-identity support for OneDrive app on Android: When using the OneDrive app for Android devices, users can access both their personal and corporate accounts in the same app while Intune mobile application management policies are only applied to the user’s corporate account (Multi-identity support for OneDrive app on iOS previously released in June).
  • User-specific terms and conditions: You can deploy customized terms and conditions to Intune user groups which they must accept before using the Intune Company Portal to enroll devices and access corporate resources.
  • Conditional access for Windows PCs: You can restrict access to Office 365 so that only domain-joined PCs running Office 2013 can connect.
  • Support for custom VPN profiles for iOS: You have the ability to define VPN settings for additional VPN providers on iOS devices using the new custom option in the VPN profile dropdown menu.
  • Management of Activation Lock feature for iOS: You have the ability to manage the Activation Lock feature on iOS 7.1+ devices, providing you with the option to turn the feature on/off, view status, and bypass the Activation Lock.
  • Intune Company Portal app for Android updated: The Intune Company Portal app for Android has been updated to display device enrollment instructions after signing in for those who have not yet enrolled their device for management.
Aside

Intune: Multi-Identity and Mobile App Management (MAM)

Great explanation of the new features around Multi-Identity in Mobile App Management (MAM) layer.  Read the full article here.

The currently supported apps are here on Technet, and whether or not they support Multi-Identity is listed as well (*).

In June, we released an update to the Microsoft Intune mobile application management (MAM) capabilities for iOS and Android that enables coexistence of policy-managed (corporate) and unmanaged (personal) accounts in a single app – this new feature is known as multi-identity. Here’s a high-level example of how this works:

Many users access both corporate and personal email accounts in the Outlook app for iOS and Android. When a user is accessing data in their corporate account, the IT pro needs to be confident that MAM policy management will be applied and help protect this corporate data. However, when a user is accessing a personal email account that data should be outside of IT’s control. Intune achieves this by targeting the management policy to only the corporate account in the application. The multi-identity feature helps solve the data protection problem that organizations are facing with devices and apps that support both personal and work accounts while maintaining the end user’s experience and the privacy of his/her personal data.

Aside

Microsoft Intune: Improved App Catalog Experience

Great post over on the Intune Blog.  The company portal app has been updated with some very nice changed that I think are welcomed. 

Read the entire post here.

Aside

Microsoft Intune: New Features June/July

Read the original post here on the Intune Team Blog.

We are planning to release the next set of Microsoft Intune features between June 22 and July 2. As part of this service update, customers using Intune standalone (cloud only) and System Center Configuration Manager integrated with Intune (hybrid) can expect the following new features:

  • Multi-identity support added for Word, PowerPoint, and OneDrive apps for iOS devices, enabling users to access both their personal and work accounts in the same Office mobile apps while Intune mobile application management policies are only applied to the user’s work account (Updated Excel app for iOS devices pending store approval)
  • Notifications added in the Company Portal app for iOS to notify users when a new app version is available in the App Store

In addition to the above features, the following new features will be made available for customers using Intune standalone:

  • Ability to install .appx apps from the Intune Company Portal website (already available within ConfigMgr console for hybrid customers)
  • Updated Endpoint Protection agent for managing Windows PCs
  • Ability for admins to view malware-infected file paths from Intune admin console (already available within ConfigMgr console for hybrid customers)

Also, as announced last week, customers using Intune standalone now have the ability to restrict access to the Outlook app based upon device enrollment and compliance policies and can restrict actions such as cut, copy, paste, and “save as” of corporate data between the Intune-managed Outlook app and apps not managed by Intune. These Outlook apps for iOS and Android are also enabled with multi-identity support. The features for managing the Outlook apps will be made available to customers using ConfigMgr integrated with Intune (hybrid) as part of the Intune service update rolling out between June 22 and July 2.

Aside

ConfigMgr/Intune: Ignite 2015 Sessions

Here are the sessions of note for Ignite 2015 around Configuration Manager and Microsoft Intune. Links to Channel9 to watch the recording are below.

Managing Windows 10 with Microsoft Intune and System Center Configuration Manager

Excited about the new Windows 10 features? We are as well! Join this session to learn about how Microsoft Intune and System Center Configuration Manager are going to support and enhance new features coming in Windows 10.

What’s New and Upcoming with Microsoft Intune and System Center Configuration Manager

This session outlines the latest enhancements in enterprise mobility management using Microsoft Intune and System Center Configuration Manager. See the newest Microsoft Intune improvements for managing mobile productivity without compromising compliance, and learn about the futures of Microsoft Intune and Configuration Manager, including new Windows 10 management scenarios.

Managing Your Datacenter with Microsoft System Center Configuration Manager

Is deploying, updating, and maintaining configuration compliance still a challenge in your datacenter environment? Join this session to learn how System Center Configuration Manager along with the other components of System Center can make your life easier by addressing these common challenges. We share with you lessons learned from customer deployments, common industry practices, and provide insights into what is coming in the future.

What’s New with OSD in System Center Configuration Manager and the Microsoft Deployment Toolkit

This session covers future improvements for deployment and upgrade in the next versions of System Center Configuration Manager, Microsoft Deployment Toolkit (MDT), and Windows. Learn how Microsoft is gearing up to make the deployment and upgrade of the next version of Windows using Configuration Manager or MDT the easiest yet.

Configuring Corporate-Owned Mobile Devices with Microsoft Intune

Not all mobile devices are personally owned. Often, corporations own the devices and issue them to end users. It’s up to the IT Pro to configure these devices. Intune makes it easy for IT Pros to provision, configure, and manage corporate-owned devices. In this session, learn how to use Apple Configurator to bulk-enroll iOS devices, how to tightly control device usage, and how to pre-provision apps and policies to devices. We walk you through how Microsoft Intune enables IT Pros to keep devices secure and managed, while enabling end users to be productive.

Evolving Mobile Application Management for BYOD Devices with Microsoft Intune

Protecting company assets on mobile devices will continue to grow as a crucial challenge to IT in 2015. In this session, you’ll see the latest advancements in Microsoft Intune’s Mobile Application Management solution. The focus will be on two differentiating technologies: first, enforcing application management for specific identities to ensure company assets are protected and personal assets remain under user control; and second, enabling application-level data protection independent of MDM. This session will include both a discussion of the features and capabilities as well as a demonstrations of these scenarios in key Microsoft applications.

Deep Dive on Android and iOS Device Management with Microsoft Intune

Do you manage Apple devices in an enterprise or educational environment? How about Android? Do you think they’re fully secured? Think again. In this deep dive session we will provide insights into managing mobile devices using Microsoft Intune and the MDM channel. This session will dive into advanced topics like Supervised mode, Apple Configurator, jailbreak detection as well as new Android features. We will also provide a first glimpse into managing Mac OS X devices using the modern MDM functionality of Microsoft Intune, rounding out Intune support for every major platform.

Configuring Corporate-Owned Mobile Devices with Microsoft Intune

Not all mobile devices are personally owned. Often, corporations own the devices and issue them to end users. It’s up to the IT Pro to configure these devices. Intune makes it easy for IT Pros to provision, configure, and manage corporate-owned devices. In this session, learn how to use Apple Configurator to bulk-enroll iOS devices, how to tightly control device usage, and how to pre-provision apps and policies to devices. We walk you through how Microsoft Intune enables IT Pros to keep devices secure and managed, while enabling end users to be productive.

Building Out a Successful Microsoft Intune Pilot

Are you planning to pilot or deploy Microsoft Intune and looking for straight forward technical guidance to help you accelerate these efforts? Please join the Intune Engineering Customer Acceleration Team as they share their extensive Intune implementation experience working with customers from all over the world. During this session the team will share their experiences, covering the end to end implementation process, from planning, architecture, deployment and management. At the end of this session you will have everything you will need to successfully deploy Intune in your environment, even if you have no prior knowledge or experience with Intune.

Evolving Mobile Application Management for BYOD Devices with Microsoft Intune

Protecting company assets on mobile devices will continue to grow as a crucial challenge to IT in 2015. In this session, you’ll see the latest advancements in Microsoft Intune’s Mobile Application Management solution. The focus will be on two differentiating technologies: first, enforcing application management for specific identities to ensure company assets are protected and personal assets remain under user control; and second, enabling application-level data protection independent of MDM. This session will include both a discussion of the features and capabilities as well as a demonstrations of these scenarios in key Microsoft applications.

Device and Data Protection with Mobile Device Management in Office 365

In this session we dive deep into mobile device and data management for Office 365. This includes our new MDM for Office 365 feature and application management with Microsoft Intune. Both of these features now include conditional access to Office 365 data so you can protect Office 365 content on any device with ease!