Event details
76 Comments
- Can you provide details on how certificates (Computer and User) are managed in the product?
- When will you offer the time zone setting in device restrictions for iOS?
- "Set time zone: With iOS 14 or later and iPadOS 14 or later, this MDM command ensures all your devices use the correct time zone without touching them. If this isn’t enabled, users must set it using Location Services." https://support.apple.com/guide/deployment-education/common-mdm-settings-eduee8624eef/web Phoenix AZ often gets denver time zone from location services
- What is the best way for enrolling existing / In use macOS Corporate Owned Devices into Intune with user affinity? Adding the device into ABM using the apple configurator requires a factory reset and using the DEM account enrolls without User Affinity. Any recommended approach with the smallest user impact?
- Any form of bringing a device under an enterprise management solution requires a factory reset. This is also the case for Android and even Windows (autopilot enrollment).
- When can we expect the iOS/iPadOS settings in the settings catalog? And will all these settings make use of the new DDM solution by Apple?
- Rachelle_Blanchard
Microsoft
Admin response: This question was answered live. Please refer to the recording for more details.
- Joe_LurieHi Janic- check out our recent doc page on this: https://docs.microsoft.com/en-us/mem/intune/configuration/ios-device-features-settings
- what verticals are being targeted for making use of shared device mode, what vendors are you reaching out to to get their apps to use the msal stack?
- Rachelle_Blanchard
Admin response: This question was answered live. Please refer to the recording for more details.
We notice most of IOS/Android that were enrolled and working well. when Windows Defender shows not compliant, User does not get Company emails or access to MS Teams. We had to delete the device and user start enrollment of mobile device, Is there other solutions as sometime the process is long?
Follow up yes we have conditional policy depending on Windows Defender on mobile as we need to protect the Company data.
Error on Compliant: Require the device to be at or under the machine risk score:- As mentioned, this sounds like a CA policy blocking the access to Teams or Outlook. Would suggest setting the mark device noncompliant action to a few days afterwards and make sure the user gets some mails first to warn him that he needs to mitigate his deviations.
- Rachelle_Blanchard
Admin response: This question was answered live. Please refer to the recording for more details.
- Any Info about plans to support Multi-User for the Company Portal App on MacOS? Currently if User A enrolls the Device using company portal and User B logs in and tries to open the company portal App he will be asked to enroll the Device even if it is already enrolled. So the second user will also not see software packages offered via the company portal app.
- Rachelle_Blanchard
Admin response: This question was answered live. Please refer to the recording for more details.
- As mentioned - as soon as a second user tries to open the company portal he is not able to see software packages assigned to him for example as he is asked to enroll the device - what was already done by the first user. Feel free to contact me if you have more questions. I'm happy to answer them / provide more feedback
- I have two iOS App Protection Policies, one for Managed and one for Unmanaged Device types. For the Managed devices the App Protection Policy doesn't require PIN for accessing the app. Apps (Outlook, OneDrive, Office, Word, Excel, SharePoint etc) have been added to Intune and made available for enrolled devices I have created the App configuration policy with Configuration Key "IntuneMAMUPN" and Value "{{userprincipalname}}" for each of the Apps I'm still seeing users with an enrolled/managed device requiring to enter a PIN to open the app, why isn't is getting the Managed App Protection Policy?
- Last time I checked was a few months ago so bare with me if I missed something, but will it be possible to login to MacOS using an AzureAD account without the need for JAMF?
- Rachelle_Blanchard
Admin response: This question was answered live. Please refer to the recording for more details.
- Heather_Poulsen
Community Manager
Welcome to Tech Community Live: Endpoint Manager edition and the Managing iOS and macOS devices AMA. Let's get started! Post your questions in the Comments. We will be answering questions in the live stream—and others will be answering here in the chat.
