Managing devices with Microsoft Intune: What’s new and what’s next – my notes (Part 4 – macOS)


At Microsoft Ignite this week in Florida, there were many new announcements of new capabilities in products such as Microsoft Intune. With so many new announcements it’s hard to keep up, but if you want to find out more, read on or select the part that interests you below.

This content is based on an excellent session entitled “BRK3036 – Managing devices with Microsoft Intune: What’s new and what’s next” and you can review it yourself here.

Intune managed versus Jamf managed

With Intune Managed macOS, you have basic platform MDM management which is ideal for scoped or modern management needs for corporate owned devices. You can deploy certificates, password configuration and applications and you can limit access to non-compliant Macs. There’s security with protection via device wipe and encryption.

With Microsoft’s partner, Jamf (+EMS) you get Advanced MDM management of Macs, which allows you to do extensive inventory, depth of security controls, self-service application catalog and end user controls, you can also limit access to non-compliant Macs and do scripting.

EMS + jamf

Mac devices managed by jamf are registered with Intune and this allows Microsoft to leverage Intune for compliance and when the user logs on to the device, jamf will be managing it and ensuring that the user configuration is correct, and will check in with the Intune service to determine whether or not the device is compliant, and compliance is everything, because with non-compliance you can deny access to company resources using conditional access in Azure AD which can grant or deny access based on that compliance.

MacOS new features recently added

The following new features have been added to Intune to support MacOS.

Join me in Part 5 for Windows features.

This entry was posted in Intune, macOS. Bookmark the permalink.