Week of July 26, 2021 (Service release 2107)
We've added support for user-assigned device configuration policies for Shared iPads for Business.
With this change, settings like the home screen layout and most device restrictions assigned to user groups apply to Shared iPad devices while a user from the assigned user groups is active on the device
We’ve released the Certificate Connector for Microsoft Intune. This new connector replaces the use of separate certificate connectors for SCEP and PKCS, and includes the following features:
- Configure each instance of the connector to support one or more of the following capabilities:
- PFX imported certificates
- Certificate revocation
- Use a normal Active Directory account or the system account for the connector service.
- Based on your tenant location, select government vs. commercial environments.
- Removes the need to select a client certificate for SCEP integration with NDES.
- Auto-updates to the latest version of the connector. Manual update of this connector is also supported.
- Improved logging.
The previous connectors remain in support but are no longer available for download. If you need to install or reinstall a connector, install the new Certificate Connector for Microsoft Intune.
Available settings on the Enrollment Status Page are updated from Allow users to collect logs about installation errors to Turn on log collection and diagnostics page for end users to support the Windows Autopilot diagnostics page, available in Windows 11. For more information, see Windows Autopilot: What's new.
In the Endpoint Manager admin center, you can create filters, and then use these filters when assigning apps and policies.
When assigning Windows 10 update ring policies, you can use filters (Devices > Windows > Windows 10 Update Rings). You can filter the devices that get the update rings policy based on a device property, such as the OS version, device manufacturer, and more. After you create the filter, use the filter when you assign the update rings policy.
- For more information on filters, see Use filters (preview) when assigning your apps, policies, and profiles in Microsoft Endpoint Manager.
- For more information on Windows 10 update rings policies, see Windows 10 update rings policy in Intune.
- Windows 10 and newer
The Collect diagnostics remote action lets you collect diagnostics from corporate devices without interrupting or waiting for the end user. Collected diagnostics include MDM, Autopilot, event viewers, registry key, Configuration Manager client, networking, and other critical troubleshooting diagnostics. For more information see Collect diagnostics from a Windows device.
For more information, see Windows Autopilot for HoloLens 2.
Endpoint analytics has a new report named Work from anywhere. The Work from anywhere report is an evolution of the Recommended software report. The new report contains metrics for Windows 10, cloud management, cloud identity, and cloud provisioning. For more information, see the Work from anywhere report article.
We've improved the Intune Company Portal authentication screen that prompts macOS users to log in to their account using single sign-on (SSO). Users can now:
- See the app that's requesting SSO.
- Select Don't ask me again to opt out of future SSO requests.
- Opt back in to SSO requests by going to Company Portal > Preferences and deselecting Don't ask me to sign in with single sign-on for this account.
The following protected apps are now available for Microsoft Intune:
- Webex for Intune by Cisco Systems, Inc.
- LumApps for Intune by LumApps
- ArchXtract (MDM) by CEGB CO., Ltd.
For more information about protected apps, see Microsoft Intune protected apps.