Aug 23 2017
- last edited on
Jan 14 2022
Conditional access is one of the fastest growing services in EMS, constantly getting feedback from customers about new capabilities they would like to add to it. One of the most frequently requested is support for macOS. Customers want to have one consistent system for securing user accessing to Office 365 on all the platforms their employees are using.
So we're excited to share that Azure Active Directory and Intune now support macOS platform for device-based conditional access! Administrators can now restrict access to Intune-managed macOS devices using device-based conditional access according to their organization’s security guidelines.
Read more about it in the Enterprise Mobility & Security blog.
Aug 24 2017 02:42 AM
Unfortunatelly our Mac won`t let me enroll the device and we only have one Mac to test on, we are all Windows users :)
But is anybody succesfull of enrolling their device?
Aug 24 2017 06:14 AM
@Eric Starker - couldn't agree more, conditional access is a compelling story in managing and controlling access to services like Office 365. Support for MacOS closes another gap.
@Peter Klapwijk - yes, I also played with this during private preview. The actual MacOS management capabilities needs to grow more, but heading in the right direction.
Aug 25 2017 12:45 AM
@Eric Starker I know it`s in preview, but can I get some support on enrolling our Mac?
We have a few customers using only Mac for which this is very interesting, but we need to be able to demo this. Thanks
Aug 25 2017 10:19 AM
Aug 25 2017 11:44 AM - edited Aug 25 2017 12:01 PM
OK, so device enrollment requires an Intune license - is the user that is attempting the enrollment assigned an Intune license?
As an alternate to the Company Portal App - can you login in to the Company Portal site (portal.manage.microsoft.com)? From here you can also attempt enrollment too.
Aug 28 2017 01:17 AM
Aug 28 2017 02:54 AM
Good catch. Yes, you need a certifiacte in place to manage iOS and MacOS devices. The link points to the old (Silverlight) console, but the same principles apply to the new Ibiza console too. See here: https://docs.microsoft.com/en-us/intune/apple-mdm-push-certificate-get