Microsoft Intune, Others, Become Google Certified for Android Enterprise Management

The EMM market has had slow uptake over its initial few years but has really picked up more recently.

Google has just announced a new resource for customers using the Android platform to locate the top Enterprise management solutions. The initial list is a solid one, showcasing some of the most known vendors. Google says it will add more over time.

Included in the inductees is Microsoft’s Intune alongside BlackBerry, Google Cloud, I3 Systems, IBM, MobileIron, Softbank, SOTI, and VMware.

EMM solutions must meet the following conditions:

  • Experience across multiple Android Enterprise management sets
  • Proven ability to deliver advanced security and management features
  • A consistent deployment experience, with admin consoles that simplify set-up of Android Enterprise
  • Documentation and guides that provide best practices for Android Enterprise set-up and configuration
  • Google-trained personnel across field sales, technical pre-sales and deployment support
  • Commitment to staying current on the latest Android product features and training requirements

New Intune Features for December 2018

Microsoft continues its steady improvements for its cloud-based endpoint management solution, Intune. Intune is updated regularly and if you miss a single update you generally miss a lot.

Here’s what’s available now from the December 10, 2018 updates.

Updates for Application Transport Security

Microsoft Intune supports Transport Layer Security (TLS) 1.2+ to provide best-in-class encryption, to ensure Intune is more secure by default, and to align with other Microsoft services such as Microsoft Office 365. In order to meet this requirement, the iOS and macOS company portals will enforce Apple’s updated Application Transport Security (ATS) requirements, which also require TLS 1.2+. ATS is used to enforce stricter security on all app communications over HTTPS. This change impacts Intune customers using the iOS and macOS Company Portal apps. For more information, see the Intune support blog.

The Intune App SDK will support 256-bit encryption keys

The Intune App SDK for Android now uses 256-bit encryption keys when encryption is enabled by App Protection Policies. The SDK will continue to provide support of 128-bit keys for compatibility with content and apps that use older SDK versions.

Microsoft Auto Update version 4.50 required for macOS devices

To continue receiving updates for the Company Portal and other Office applications, macOS devices managed by Intune must upgrade to Microsoft Auto Update 4.5.0. Users might already have this version for their Office apps.

Intune requires macOS 10.12 or later

Intune now requires macOS version 10.12 or later. Devices using prior macOS versions can’t use the Company Portal to enroll in Intune. To receive support assistance and new features, users must upgrade their device to macOS 10.12 or later and upgrade the Company Portal to the latest version.

 

 

Tip: Command-Line Parameters for the Microsoft Intune Win32 App Packaging Tool

Use the Microsoft Intune Win32 App Packaging Tool to pre-process Windows Classic apps. The packaging tool converts application installation files into the .intunewin format. The packaging tool also detects the parameters required by Intune to determine the application installation state. After you use this tool on your apps, you will be able to upload and assign the apps in the Microsoft Intune console.

Download the latest: Microsoft Intune Win32 App Packaging Tool

Command-line options

-h – Help
-c setup_folder_name – Setup folder for all setup files. All files in this folder will be compressed into .intunewin file. Only the setup files for this app should be in this folder.
-s setup_file_name – Setup file (e.g. setup.exe or setup.msi).
-o output_file_name – Output folder for the generated .intunewin file.

 


 

Intune Win32 App Packaging Tool Updated to Version 1.3

Use the Microsoft Intune Win32 App Packaging Tool to pre-process Windows Classic apps. The packaging tool converts application installation files into the .intunewin format. The packaging tool also detects the parameters required by Intune to determine the application installation state. After you use this tool on your apps, you will be able to upload and assign the apps in the Microsoft Intune console.

Download the latest: Microsoft Intune Win32 App Packaging Tool

 


 

Microsoft Reveals New Device-based Subscription Licensing for Intune

Microsoft today has unveiled a new subscription option for devices managed using its cloud-based management system, Intune.

Microsoft Intune is pleased to announce a new device-based subscription service that helps organizations manage devices that are not affiliated with specific users. The Intune device SKU is licensed per device per month. 

There are some caveats, however. Device-based subscription…

…does not allow you to take advantage of any user-based security and management features.

…cannot be used for shared device scenarios.

 

 


 

Intune to Stop Supporting Windows 7 in 2020

Microsoft has taken to its notification system to give advanced warning to customers still managing Windows 7 devices. Windows 7 reaches the end of extended support on January 14, 2020. As such, Microsoft will also stop supporting management of Windows 7 devices using Intune (or whatever it is called in 2020).

Windows 7 reaches end of extended support on January 14, 2020. At that time, Intune will retire support for devices running Windows 7, so we can focus our investment on supporting newer technologies and providing great new end user experiences. After that date, technical assistance and automatic updates that help protect your PC will no longer be available. Microsoft strongly recommends that you move to Windows 10 before January 2020, to avoid a scenario where you need service or support that is no longer available. 

Recommendations: Intune Plan for Change: Nearing End of Support for Windows 7


Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

IT/Dev Connections

Microsoft Killing Hybrid MDM Product, Pushing Customers to Intune

Microsoft has sent the following warning to customers of its Hybrid MDM solution that this solution will no longer be available. Those currently using it will be given until September 1st of 2019 to adjust to the changes.

 

 

Plan for Change: Move to Intune on Azure for your Mobile Device Management
 
 
Major update: General Availability rollout started
 
 
Since launching on Azure over a year ago, Intune has added hundreds of new customer-requested and market-leading service capabilities, and now offers far more capabilities than those offered through hybrid Mobile Device Management (MDM). Intune on Azure provides a more integrated, streamlined administrative experience for your enterprise mobility needs. As a result, we see that most Enterprise Mobility + Security (EMS) customers choose Intune on Azure over hybrid MDM. The number of customers using hybrid MDM continues to decrease as more customers move to the cloud. Therefore, on September 1, 2019, we will retire the hybrid MDM service offering. Please plan your migration to Intune on Azure for your MDM needs. We have tools, case studies, and other resources to help with this migration. Note: This change does not affect on-premises System Center Configuration Manager (ConfigMgr) or co-management for Windows 10 devices. If you are unsure whether you are using hybrid MDM, go to the Administration workspace of the ConfigMgr console, expand Cloud Services, and click Microsoft Intune Subscriptions. If you have a Microsoft Intune subscription setup, your tenant is configured for hybrid MDM. 

How does this affect me?


• Microsoft will support your hybrid MDM usage for the next year. We will continue to release major bug fixes and ensure existing functionality is supported on OS versions, such as enrollment on iOS 12. We will not invest in new features for hybrid MDM. 

• We do not expect any end-user impact to this change, provided you migrate to Intune on Azure before the end of the hybrid MDM offering. 

• Licensing remains as is; Intune on Azure licenses are included with hybrid MDM. 

• We will begin to block the onboarding of new hybrid MDM customers starting in November 2018. 

• On September 1, 2019, any remaining hybrid MDM devices will no longer receive policy, apps, or security updates. 


What do I need to do to prepare for this change?


• Start planning your migration for MDM from the ConfigMgr console to Azure. Many customers, including Microsoft IT, have gone through this process. Read this 
case study sharing best practices and lessons learned from Microsoft’s own migration. 
• Review 
tools and documentation we’ve created to simplify the process of moving from hybrid MDM to Intune on Azure. Many customers, including some of our largest and smallest, have successfully used these tools and guidance to migrate. 
• Contact your partner of record or FastTrack for assistance. 
FastTrack for Microsoft 365 or EMS can assist in your migration from hybrid MDM to Intune on Azure. More information on how to open this specific type of FastTrack ticket is included in the Additional Information link. Review the support blog post linked in Additional Information for more details.

Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

IT/Dev Connections

PowerShell Script Repository for Managing Intune

Microsoft has begun utilizing Github as a repository for Intune management PowerShell scripts.

This repository of PowerShell sample scripts show how to access Intune service resources. They demonstrate this by making HTTPS RESTful API requests to the Microsoft Graph API from PowerShell.

The following scripts are available now…

Manage Applications – iOS, Android, Web
App Protection Policy – Creation, Get and Delete
Company Portal Branding – Get and Set
Compliance Policy – Add, Get and Delete
Corporate Device Enrollment – Get and Export
Device Configuration – Add, Get and Delete
Enrollment Restrictions – Get and Set
Intune Data Export
LOB Application – Add
Managed Devices – Get, Overview and Device Action
Paging – Get
Intune Roles (RBAC) – Add, Get and Delete
Remote Action Audits – Get
Software Updates – Add, Export, Get and Import
Terms and Conditions – Add, Get and Delete
User Policy Report

Github location: Intune Graph Samples


Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

IT/Dev Connections

Microsoft Sets Date for Intune and TLS 1.2

Microsoft today has announced that it will be converting its Intune product to use TLS 1.2 for encryption starting on October 31, 2018. This gives customers enough time to ensure that their managed devices will support the change.

Microsoft has also supplied the following “known” list of platforms and software that will not work with the new encryption scheme. Customers should review their current software and ensure that attention is giving to migrating to a supportable environment.

  • Android 2.3.7
  • Android 4.0.4
  • Android 4.1.1
  • Android 4.2.2
  • Android 4.3
  • Baidu Jan 2015
  • IE 7 / Vista
  • IE 8 / XP
  • IE 8-10 / Win 7
  • IE 10 / Win Phone 8.0
  • Java 6u45
  • Java 7u25
  • OpenSSL 0.9.8y
  • Safari 5.1.9 / OS X 10.6.8
  • Safari 6.0.4 / OS X 10.8.4

 

The October 31, 2018 deadline for the change also coincides with Office 365 making the same switch.

 


Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

IT/Dev Connections

Guide to Troubleshooting Device Enrollment Problems in Microsoft Intune

Microsoft has developed an interactive, branching online guide for those trying to troubleshoot problems when enrolling devices in Intune.

The guide: Troubleshooting Windows device enrollment problems in Microsoft Intune

Select the problem from the dropdown list and the currently known solution will be displayed. If that doesn’t solve the issue, you can select another, or make a request in the Microsoft forums.


Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

IT/Dev Connections

Microsoft Intune Supports Cisco AnyConnect client for iOS

Microsoft’s web-based endpoint management package, Intune, continues to see significant improvements and new features. Except for a few differences now, Intune is a good alternative to the on-premises System Center Configuration Manager.

This past week saw a new feature added for those supporting iOS devices using Intune:

When you create a new VPN profile for iOS, there are now two options: Cisco AnyConnect and Cisco Legacy AnyConnect. Cisco AnyConnect profiles support 4.0.7x and newer versions. Existing iOS Cisco AnyConnect VPN profiles are labeled Cisco Legacy AnyConnect, and continue to work with Cisco AnyConnect 4.0.5x and older versions, as they do today.

There is currently still only one  Cisco AnyConnect option for Android devices.


Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

IT/Dev Connections