Forum Discussion
New CsMobilityPolicy Parameter RequireIntune
The last SfB Server CU has added a new parameter Set-CsMobilityPolicy -RequireIntune. The default configuration for this parameter is $false. Seems fairly self explantory what this new parameter entails which seems to be InTune support for SfB Server. That said it would be good to see some official documentation from Microsoft on this new parameter and what precisely it entails. Unfortunately Technet is 2 years out of date and is missing a number of newly added parameters for the CsMobilityPolicy including this newer addition.
https://technet.microsoft.com/en-us/library/hh690021.aspx
4 Replies
Seeing as there's no takers yet my theory is this new setting is to support SfB Hybrid when using InTune for MDM/MAM. This setting would likely allow out of band management by InTune for users that are homed on SfB server. Which means settings like conditional access, pin policys for the SfB Mobile app specifically and even MFA are now possible for on premise users too. This could prove to be a big win for Enterprise customers where security for mobile is generally a hot topic. The story to date has been a difficult one requiring the use of 3rd partys for MDM/MAM or MFA when using a server only solution but with hybrid in place and InTune as the MDM/MAM authority those same controls which were exclusively cloud only can now be applied to premise based users as well! Ok whose gonna challenge me!?? MarkVale Deleted Josh Blalock i know you're reading this!
There is a lot of appetite in the enterprise for BYOD but with control. At the moment Skype is behind in this area and has always been the runt of the litter when it comes to cloud and mobility. I would be suprised if this setting will allow for native on-prem users only. I suspect the pre-req will be must be a hybrid user, or at least licenced in 365 for MDM so the account has some kind of OP to OL relationship.
Agreed. The only way it can work is with hybrid. A cloud identity would be required as that's the only way InTune would be able to apply any controls to the user or device as InTune is a cloud only service. Looks like the new 365 Enterprise Plans could be quite useful!
