Event banner
Event details
We're halfway through! Keep those questions flowing—anything about the latest features, and share information about use cases and scenarios you need to support. Post your questions now in the Comments.
- Is there anything in the works that would better help with the management of shared user devices (Apple and Android)?
For Android I did some tests with devices enrolled as dedicated devices and playing with MHS
Thanks for participating in today's AMA: Powerful Apple device management with Intune! For reference, the panel covered this topic at 44:35.
- We have many issues with Intune compliance and Macs due to the workplace join key in keychain. Would using Intune as the MDM for our macs change the way this works? Computers on the daily are not sending Device ID with browsers and users think they are not enrolled in Intune anymore. Here are the two situations I see. Any thoughts? support had no ideas. 1. Users browser just doesn't prompt for access to the key. Use normal browser clear / changing OS defaults until it finally asks user. 2. User forgets password and HD walks them through account recovery locally. This clears out their keychain and the workplace join key. This means we need to have a tech with delete rights in azure ad and intune to delete the records and re-enroll in intune to resolve fully.
Thanks for participating in today's AMA: Powerful Apple device management with Intune! For reference, the panel covered this topic at 31:00.
- Is there any plans for testing/rolling out federation with AAD for using managed identity. As we want to enable it but don’t want to force on all 3k plus users. (Although its controlled more by Apple)
- And Apple seams to be adding even more control with "Apple Business Essentials".
- benjamin_flamm
Microsoft
We're not aware of any phased rollout approaches to federation but will help pass this feedback on to Apple
- When will microsoft allow direct enrollment to intune instead of having to go through apple business manager to have corporate managed devices.
- benjamin_flammFeel free to message me directly with your scenario
- If certificates are deleted from keychain, IntuneMdmAgent sync does not help with pushing them back. It breaks the functionality. Any plans to have this functionality same like Windows platform that certs are pushed back again on next sync.
- benjamin_flammPlease message me directly with details and we'll investigate
- Can we expect return to service for iOS to be in the September release?
Thanks for participating in today's AMA: Powerful Apple device management with Intune! For reference, the panel covered this topic at 34:45.
- aka.ms/intuneroadmap currently says "That didn't work" 🙂
- Heather_Poulsen
Community Manager
Fixed! (Thanks for letting us know.) #CommunityRocks
- Can you tell us about what the initial user account creation when enrolling with ADE will look like with platform SSO? Is user account creation based on entra ID going to be possible?
- benjamin_flammFor the current version of Platform SSO that's in preview, the initial user/local account creation looks the same as it did before PSSO. Our team is investigating the latest PSSO multi-user announcements from Apple at WWDC and we're very interested in leveraging the 'Enable Create User At Login' functionality.
- Thanks, it would really be great to get that bit working. The standard process we have with the current PSSO preview is OK but leaves a lot of room for user error and confusion with the manual account creation and subsequent registration and password sync. It would be much better if we could eliminate some of these steps and create the account and establish password sync from a single Entra login like Jamf connect does. I would also like to be able to ensure FileVault can be enabled here rather than at logout or next login, again this is the experience Jamf connect / Mosyle Auth offer and is at this point is somewhat expected by our clients. The Intune Apple product team is really doing a great job at eliminating reasons to stick with the other MDMs this one would go a long way in helping expand the macOS footprint in Intune in a lot of orgs.
- I read a lot of articles that Microsoft is working hard to embed DDM into Intune. How Intune MDM admins can verify if and when Device Declarative Management is supported in their tenant so that new DDM features can be utilized for mobile iPhone and iPad fleet?
Thanks for participating in today's AMA: Powerful Apple device management with Intune! For reference, the panel covered this topic at 36:40.
