Enterprise Mobility and Security Blog

RSS

Status Update: Issue Resolved, advise your end-users to upgrade to iOS 9.2.1 (as of January 19, 2016): The iOS 9.2.1 update is now available; this update resolves the remaining issues with the 9.2 update including managed app inventory. We recommend your end-users upgrade their devices by going to iOS Settings > General > Software Update. Intune engineering team has verified managed app status and compliant/non-compliant app information is working properly with this update. After devices are upgraded to iOS 9.2.1, you can expect the following experience:

  • Within 24 hours, end-users recently upgraded from iOS 9.2 will see errors reported in the Company Portal for previously-deployed managed apps that could not properly install (over the next 7 days, users may be prompted to install or allow management of those apps)
  • Within 24 hours, IT admins will observe updated information on managed app status in the Intune Admin Console
  • Within 7 days, IT admins will observe updated inventory information indicating which devices are running iOS 9.2.1 (this is based on the hardware inventory schedule)

Note that any devices still running iOS 9.2 will continue to be impacted by some of issues reported below. Your end-users must upgrade to iOS 9.2.1 for the fixes to take effect. If you continue to observe issues 24 hours after upgrading to iOS 9.2.1, please contact Microsoft Support here.

Status Update (as of 1PM PST on December 16, 2015): Intune engineering has deployed a workaround that mitigates the managed application installation issue. We will continue to work with Apple to mitigate the following impacted areas related to reporting:

  • Managed application status information will not be reported
  • Compliant/Non-Compliant application information for customers using app whitelist and blacklist policies will not be reported

Status Update (as of 8:30PM PST): Intune engineering has deployed a workaround that mitigates many of the MDM impacts caused by the latest iOS release. However, we still recommend your end users wait before upgrading their devices to iOS 9.2. We will need a fix, likely from Apple, to mitigate the following impacted areas:

  • Managed application installations are affected
  • Managed application status information will not be reported
  • Compliant/Non-Compliant application information for customers using app whitelist and blacklist policies will not be reported

Status (as of 10:45AM PST): Investigation is ongoing. Intune team is working with Apple on a resolution.

Recommendation (as of 10:45AM PST): Defer upgrading managed devices to iOS 9.2 until this issue is resolved.

Based on reports from Intune customers, we have identified an issue with Apple’s latest release of iOS 9.2 which is impacting devices managed via Mobile Device Management (MDM). To reduce the potential impact, Intune customers should advise their end users to wait before upgrading their devices to iOS 9.2.

We believe the issue is related to changes to Apple’s MDM APIs introduced in iOS 9.2. Customers of many MDM vendors are also reporting this issue. Microsoft engineers are actively working with Apple to determine the root cause and identify a fix.

 

The impact to an iOS 9.2 device managed by Intune will include: 

  • Managed application installations are affected
  • Managed application status information will not be reported
  • Compliant/Non-Compliant application information for customers using app whitelist and blacklist policies will not be reported
  • Compliance checks initiated from Intune Company Portal on the device will fail
  • Device syncs initiated from Intune Company Portal on the device will fail
  • New configuration policies created by the admin will not be enforced
  • If devices are compliant, they will continue to be compliant and will be allowed by Conditional Access
  • If devices are not compliant and brought into compliance, they won’t update their status and will be blocked by Conditional Access

For real-time updates on Intune service status and additional information, customers can consult the Intune Service Dashboard at https://status.manage.microsoft.com/StatusPage/ServiceDashboard. To contact Microsoft Support, please click here.

We will update this blog post as new information becomes available.