Blog Post

Microsoft Intune Blog
3 MIN READ

What’s New in Microsoft Intune February 2024

Ramya_Chitrakar's avatar
Feb 23, 2024

We often hear feedback about the balance between optimizing for productivity and security. The choice to prioritize experience or protection shows up in device provisioning, support processes, and day-to-day administration. In this spirit, I’m happy to share a few updates to Intune that will help IT admins balance security and productivity for their end users. For a comprehensive view of updates, visit the documentation.

More unified cross-platform endpoint management

We use the metaphor “single pane of glass” to describe the ideal management environment: one that enables visibility into all your devices and platforms and reduces the need for switching tools (and its associated costs in time and attention). Last year, we declared that macOS device management with Microsoft Intune was entering a new era of capability, and with this month’s additions, the view is getting clearer and wider. I’m pleased to share the general availability of “await final configuration,” a feature of the automated device enrollment process that prepares the device for users before they reach the desktop.

The new “await final configuration” for macOS Automated Device Enrollment (ADE) provides the Setup Assistant experience for end users while company device configuration policies are downloaded and applied. The intent is for the device to be set up with the correct policies such as VPN and WiFi profiles, before end users land on the Home Screen, so there is no confusion or gaps to get productive and be secure. This capability is covered in detail in the new guide to macOS device enrollment.

Autopilot enhancements

On the same lines of delightful end user experiences, we’re adding a new setting in Autopilot deployments, which gives admins flexibility to install critical applications and get their users to be productive as soon as possible.

Previously, required applications could be installed under one of two conditions: block for all apps, where any application install failures during the technician phase would cause the entire deployment to fail, or block for some apps, which would only install specified apps during the technician phase and leave the rest for the user phase.

The new setting allows administrators to block only for selected apps and continue if other applications fail to install during the technician phase. For those non-blocking applications, the installation will be tried again when the user signs in for the first time. This new option is based on our customer feedback and will lead to better and more efficient provisioning experiences for end users and administrators.

More efficient updating

We saw a tremendous response from organizations when we introduced driver and firmware updating capabilities to Intune last June. We’re excited to announce a new capability to approve driver updates in bulk. This is especially helpful for those who want to retain manual approval over driver deployment, but have a diverse set of devices to manage. We hear from organizations who need to edit 50 or even 100 drivers at a time, so we know this will increase their productivity greatly. For those who use automatic approval, this bulk editing capability will help you with drivers that aren’t included in automatic approvals. This includes most firmware updates, saving even more effort. For those who previewed the functionality found it especially helpful to be able to schedule driver and firmware updates at the same time as quality updates. This reduces the number of reboots that may be needed by end users. For more details, look for updated documentation on Windows Driver update management in Microsoft Intune.

Hopefully we’ve given you reasons to be excited and keep your focus. How do you anticipate using these new Intune features? Let me know by reaching out to me on LinkedIn or in the comments below.


Stay up to date! Bookmark the Microsoft Intune Blog and follow us on LinkedIn or @MSIntune on X to continue the conversation.

Updated Feb 23, 2024
Version 2.0
  • Mario_1's avatar
    Mario_1
    Copper Contributor

    Great news. Do you have any updates by when it will be possible to see the details of which devices are missing Driver Updates? Today we only see the counters in the Update Section but its only possible with complicated GRAPH API stuff to get the details out which devices are really missing those updates.

  • Mario_1 , Great question!  Showing the actual list of applicable devices and device models for a driver is the top ask for improving Drivers today.  It is something we are working on, but I don't have a ETA I can share at this time.  Stay tuned!

    -David

  • leebowman55's avatar
    leebowman55
    Copper Contributor

    Driver Reporting by Device would also be extremely beneficial. Certainly links into the "Missing" Drivers as well understanding what has been installed on a device.

     

    I've currently resorted to a custom PS Script that gathers those Missing Updates and exports a CSV File. It can then have the "Name" copied into Intune to manually approve if it isnt already