Ensuring Certificate Renewal for Devices and Connectors in Intune

4/13/18:  Updated with a revised version of the GetExpiringDevices script at the link below. 4/13/18:  Updated with instructions for Configuration Manager customers using hybrid MDM 4/17/18: Updated with additional guidance when force syncing Apple devices. 4/18/18: Updated with new instructions to determine device impact for hybrid customers. 4/19/18: Updated instructions for force syncing. Added link…


Known Intune Issue: iOS PKCS certificate policy

We’re sharing a tip that came out of a recent case with a customer where we were investigating a problem with their PKCS certificates. While we didn’t get any additional customer calls on this topic, we thought it would be good to post what we shared with the customer in case you were troubleshooting your own custom subject name PKCS…


Support for Multi-token DEP and Authentication with Company Portal

2/22/18: Updated to include list of beta APIs that will not be available for use with multiple tokens in DEP. 4/5/18: Updated Planned Schedule section 5/9/18: Updated to include requirement of AppleID when enrolling devices with user affinity We’ve introduced a new experience to make it easier for you to manage iOS device enrollment through…


Plan for Change: Use Intune on Azure now for your MDM management

We’ve heard from several customers that you’d like a bit longer before we transition from Silverlight to Intune in the Azure portal. We know it takes time to train your IT staff and update documentation. Therefore, we’ll push out this change until August 31st. If you’ve already made the admin portal transition, thank you. If…


Support Tip: New Intune Diagnostic Console for Log Submission in the Intune Managed Browser

By David Meyerson |  Software Engineer With the latest release of Intune Managed Browser (Version 1.2.8+), diagnosing issues with all Intune App Protection Policy enrolled apps (also known as MAM-enrolled apps) is easier than ever for you – the Intune Admin – and end users on iOS. The Intune Diagnostic Console streamlines log collection and submission….


Support Tip: Setting up communication between MAM-managed and MDM-managed apps

Updated 11/2/17 with the Office Message Center post details. Updated 11/17 with new section on corporate data. Updated 11/29 with APP section. We hear occasionally from customers that they want apps managed by App Protection – better known as Mobile Application Management (MAM) – to allow communication with apps managed by Mobile Device Management (MDM)…


PFX certificates issued using the Intune Certificate Connector: Fix your Intune Migration Configuration Issues

During the migration process, we identified a few dozen accounts that would have problems with certificate hashes after being migrated. We put those accounts on hold and came up with a fix for the issue, but before the fix can take effect, all PFX policies have to be regenerated. You can regenerate the policy yourself,…


Windows Early Launch Anti-Malware Detection Issue and Intune Compliance

Murali Krishna Hosabettu Kamalesha | Program Manager, Intune If you’re managing Windows using mobile device management, and if you’re targeting those devices with conditional access policies, there’s a known issue we wanted to make you aware of with the Windows early launch anti-malware (ELAM) driver. This issue applies to both Intune and to Configuration Manager…


Changes to Automatic Grouping for Corporate Pre-enrolled iOS Devices

Daniel Gerrity | Program Manager, Intune updated 5/26/2017 – changed the query rule picture to show you don’t need quotes anymore on the query criteria. For the last few months, we have been migrating group management out of Intune and into Azure Active Directory. This change will bring us some exciting new features, but it also…


Checking for updated app permissions for Android for Work apps

Author: Chris Baldwin, Senior Program Manager About Android for Work app permissions Android for Work requires that you “approve” applications in Google’s managed Play web console before syncing them to Intune and deploying them to your users. Because Android for Work allows you to silently and automatically push these apps to users’ devices, you must…