Support Tip: Setting up communication between MAM-managed and MDM-managed apps

We hear occasionally from customers that they want apps managed by App Protection – better known as Mobile Application Management (MAM) – to allow communication with apps managed by Mobile Device Management (MDM) on iOS devices. Let’s say you configure MAM app protection policies for Outlook, and you also deploy a third-party PDF viewer using…


PFX certificates issued using the Intune Certificate Connector: Fix your Intune Migration Configuration Issues

During the migration process, we identified a few dozen accounts that would have problems with certificate hashes after being migrated. We put those accounts on hold and came up with a fix for the issue, but before the fix can take effect, all PFX policies have to be regenerated. You can regenerate the policy yourself,…


Windows Early Launch Anti-Malware Detection Issue and Intune Compliance

Murali Krishna Hosabettu Kamalesha | Program Manager, Intune If you’re managing Windows using mobile device management, and if you’re targeting those devices with conditional access policies, there’s a known issue we wanted to make you aware of with the Windows early launch anti-malware (ELAM) driver. This issue applies to both Intune and to Configuration Manager…


Changes to Automatic Grouping for Corporate Pre-enrolled iOS Devices

Daniel Gerrity | Program Manager, Intune updated 5/26/2017 – changed the query rule picture to show you don’t need quotes anymore on the query criteria. For the last few months, we have been migrating group management out of Intune and into Azure Active Directory. This change will bring us some exciting new features, but it also…


Checking for updated app permissions for Android for Work apps

Author: Chris Baldwin, Senior Program Manager About Android for Work app permissions Android for Work requires that you “approve” applications in Google’s managed Play web console before syncing them to Intune and deploying them to your users. Because Android for Work allows you to silently and automatically push these apps to users’ devices, you must…


Meeting Apple’s New Requirements for Application Transport Security

Update: August 15, 2017 – Still no updated timeline from Apple on when this change will be enforced. If you validated that the ATS-enforcing Company Portal app in TestFlight works in your environment and tested with Apple’s nscurl tool, then no action is needed until Apple makes this change. We recently uploaded a new version (2.7.1)…


ConfigMgr 2012 SP1/R2 RTM: Support for Hybrid Mobile Device Management Ending Soon

Applies to: Microsoft Intune, System Center 2012 Configuration Manager SP1, System Center 2012 R2 Configuration Manager Support for System Center 2012 Configuration Manager SP1 and System Center 2012 R2 Configuration Manager RTM ended on July 12th, 2016. Subsequently, support for these releases connecting to the Microsoft Intune service via hybrid MDM (e.g. managing mobile devices…


Removing Access Control from Mobile Device Management for Office 365

Author: Joel Stevens | Microsoft Support Escalation Engineer When you activate the Mobile Device Management (MDM) for Office 365 service, you are prompted to create a Device Management Security Policy. The mobile devices for users that you target with this policy will be quarantined, and the user will be sent an email asking them to…


Using the Microsoft Graph API to access data in Microsoft Intune

Although for most administrators the Microsoft Intune administration console will be the primary method of looking at information in Microsoft Intune, developers and IT pros that have a level of technical knowledge to understand REST API calls may use Microsoft Graph to query data from the service backend of Intune. Microsoft Graph exposes multiple API’s…