Author: Chris Green, Senior Program Manager, Enterprise Client and Mobility
We have heard from many of you through the Microsoft Intune Feedback forums that you need to be able to set operating system requirements for mobile devices in order to ensure that they are secure and up to date. Today we are making available a new extension that extends the Microsoft Intune Conditional Access feature by adding compliance rules that evaluate the operating system of mobile devices. Customers can use these new rules either to set a minimum or a maximum operating system version for iOS, Android, Windows and Windows Phone devices that are enrolled with Intune. Devices that do not meet these rules are blocked from Exchange, Exchange Online, and SharePoint Online through the Microsoft Intune Conditional Access feature.
The extension is called Microsoft System Center 2012 R2 Configuration Manager SP1 Extension for Microsoft Intune: Conditional Access. Once enabled, administrators can use the new rules by editing an existing Compliance Policy or by creating a new one. In the Rules section, select Add and then choose “Minimum operating system version” or “Maximum operating system version.”
You can specify a version string that will be evaluated against the operating system version strings of managed devices. If you do not require a minimum or maximum version for a certain platform, leave it blank.
End-users on devices which do not meet the minimum or maximum operating system requirements will be shown the non-compliance reason as part of the existing Conditional Access user experience in the Intune Company Portal or the Intune Web Portal. The user will be told the minimum or maximum version, and in the case of not meeting the minimum version will be given a link to instructions on how to upgrade their device.
This feature will also be coming to Intune Standalone soon. Please watch the Intune blog for that announcement.
To learn more about conditional access for Exchange Online, check out this blog post on the Intune blog .
For additional technical resources on Conditional Access, visit TechNet here .
Installing Extensions
The Conditional Access extension will appear as a new item in the Extensions for Microsoft Intune node in the Configuration Manager console. To install this extension, select this extension and then click Enable . For more information about extensions, see http://technet.microsoft.com/en-us/library/dn574730.aspx
Please note the two requirements for Configuration Manager:
-- Chris Green
Configuration Manager Resources
Documentation Library for System Center 2012 Configuration Manager
System Center 2012 Configuration Manager Forums
System Center 2012 Configuration Manager Survival Guide
System Center Configuration Manager Support
Submit Configuration Manager Product Ideas
Report Configuration Manager Product Issues
This posting is provided "AS IS" with no warranties and confers no rights.