Restrict iOS/Android E-mail to Outlook using Conditional Access for MAM

One of the most common discussions I have with customers is how does an IT Pro ensure that corporate data is only being accessed by approved, managed email applications. Intune Mobile Application Management (MAM) provides a rich set of Data Loss Prevention (DLP) features that ensures no corporate data is leaked outside of the corporately…

Email an MDM enrollment link for Windows 10 users

To MDM enrol a Windows 10 device, the end user must manually run the enrollment wizard. To do this, your users must go Settings > Accounts > Access Work or School > Enroll only in device management The alternative option since Windows 1607 is to use a URI. You can email the following URL as…

Blocking Apps on iOS with Intune

A very (very) common ask from our customers is whether or not we can whitelist/blacklist apps on iOS devices. From iOS 9.3, Apple made this option available for all Supervised devices, exposing it via the SDK and Apple Configurator. Microsoft Intune now supports the ability to allow/block individual apps via the Show or Hide Apps…

Enrolling a Mac into Microsoft Intune

Mac management with Intune is something that I’m asked about fairly regularly. While our support today (at time of post) is limited, it’s very simple to offer this to your users. For those without a Mac handy, I wanted to show you the enrollment process for a Mac device. Firstly, you need to make sure…

PowerShell to query Intune Health Dashboard

A couple of months ago, we moved the Intune health status data from the http://status.manage.microsoft.com dashboard into the Office 365 Health Dashboard. We believe the experience is much better, having health information targeted at your tenants region and wrapped up into the overall Office 365 portal. It also means we can use the Microsoft Online…

Choose between Microsoft Intune standalone and hybrid

When speaking with customers and partners, the most common discussions is around choosing Intune standalone (cloud only) or hybrid (ConfigMgr). It’s an important decision, as it’s not particularly easy to change your mind once device deployment has begun. We’ve recently published a TechNet article that aims to make your decision easier. The document includes an…

Intune Device Group Mapping

A feature that has recently been released, allows you as an IT Pro to publish a list of categories in which an end-user performing a device enrollment may choose a category to tag a device. This allows devices to be automatically added to Intune groups, based on the end-user selection. Specific policies/apps/profiles can be deployed…

Intune Mobile Application Management Compatible Apps

One challenge many Intune admins face is keeping on top of which apps do/don’t support Mobile Application Management (MAM) policies. With the general availability of MAM without enrollment, this gets even harder to manage. The MAM team have recently released a new portal that will show you all of the MAM enabled apps, and what…

Australian Apple Device Enrollment Program (DEP) reseller ID’s

Hi Aussie MDM admins! I thought it would be handy to put together a list of Authorized Apple DEP resellers, and their DEP reseller ID’s. If you know of anymore, or need me to update/fix any of the list items below, please use the comments below! Matt Reseller Apple DEP reseller ID Link Telstra 1A586DA0…

Intune MAM Without Enrollment

At Ignite Australia 2015, I was very proud to be one of the first publically demonstrating the Intune MAM without enrollment features, announced by Satya in November. The Intune MAM without enrollment features allow organizations to protect their Office apps on iOS and Android without the need to enroll their devices in Intune MDM. This…