Update 5/17: This change has now been rolled out in the May update to Intune.
We’re implementing an improved workflow to enroll corporate iOS devices with user affinity into Intune, specifically when these devices use Setup Assistant for authentication.
With this change, we aim to improve enrollment experience and give end users a shortened work flow. We’ll have detailed documentation when this rolls out, but we thought we’d share what’s coming so you can familiarize yourself with the experience and set up policies in your console if needed.
Experience for enrolling new devices
When we roll this change out, if you enroll new devices authenticating with Setup Assistant, you can choose whether or not to deploy the Intune Company Portal app automatically in Intune not Azure (not available in hybrid MDM). We’re also doing away with “Identify your device” screen and the “Confirm your device” screen, where end users enter the last 4 digits of the device’s serial number in the Company Portal app.
Experience for existing enrolled devices
After this change is rolled out, if you want to enable Conditional Access for devices already enrolled via Setup Assistant, you’ll have to push the Company Portal down to those devices. Here’s how you would do that:
If you use hybrid Mobile Device Management (Hybrid MDM),
<dict>
<key>IntuneCompanyPortalEnrollmentAfterUDA</key>
<dict>
<key>IntuneDeviceId</key>
<string>{{deviceid}}</string>
<key>UserId</key>
<string>{{userid}}</string>
</dict>
</dict>
We’ll keep this post updated with documentation links when we roll out this new workflow. You’ll also see announcements in What’s New in Intune, the hybrid What’s New page and in the Office Message Center. Let us know if you have any questions!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.