top of page

What's New in Intune | Feb 21 | SR 2202

Updated: Mar 4, 2022

Week of February 21, 2022 (Service Release 2202)

Device security

Mobile Threat Defense partner Zimperium is now available in GCC High tenants

Zimperium is now available as a Mobile Threat Defense (MTD) partner in US GCC High environments.

With this support, you’ll find the Intune connector for Zimperium as available in the list of MTD connectors that you can enable in your GCC High tenant.

The GCC High environment is a more regulated environment, and only connectors for those MTD partners that are supported for the GCC High environment are available in it. For more information about support in GCC High tenants, Microsoft Intune for US Government GCC High and DoD service description.

Manage the app inventory data for iOS/iPadOS devices that Intune sends to third-party MTD partners

You can now configure the type of application inventory data for personally-owned iOS/iPadOS devices that Intune sends to your chosen third-party Mobile Threat Defense (MTD) partner.

To control the app inventory data, configure the following setting as part of the MDM Compliance Policy Settings on the Mobile Threat Defense connector for your partner:

  • Send full application inventory data on personally-owned iOS/iPadOS Devices Options for this setting include:

    • On - If your MTD partner syncs app data and requests a list of the iOS/iPadOS applications from Intune, that list includes unmanage apps (those not deployed through Intune) in addition to those deployed through Intune. This is the current behavior.

    • Off - Data about unmanaged apps won’t be provided, and the MTD partner only receives details about apps that were deployed through Intune.

For corporate devices, data about managed and unmanaged apps continues to be included with requests for app data by your MTD vendor.

Device management

Support for Audio Alert on Android Dedicated (COSU) devices

You can now use the Play lost device sound device action to trigger an alarm sound on the device to assist in locating the lost or stolen Android Enterprise dedicated device. For more information, see Locate lost or stolen devices.

UI updates when creating an on-demand VPN device configuration policy on iOS/iPadOS devices

You can create an on-demand VPN connection for your iOS/iPadOS devices (Devices > Configuration profiles > Create profile > iOS/iPadOS for platform > VPN for profile type > Automatic VPN > On-demand VPN).

The UI is updated to closer match Apple's technical naming. To see the on-demand VPN settings you can configure, go to Automatic VPN settings on iOS and iPadOS devices.

Applies to:

  • iOS/iPadOS

On Android Enterprise, use the Connect Automatically setting on enterprise Wi-Fi profiles

On Android Enterprise devices, you can create Wi-Fi profiles that include common enterprise Wi-Fi settings (Devices > Configuration profiles > Create profile > Android Enterprise for platform > Fully Managed, Dedicated, and Corporate-Owned work profile > Wi-Fi for profile type > Enterprise for Wi-Fi type).

You can configure the Connect automatically setting that automatically connects to your Wi-Fi network when devices are in range.

Applies to:

  • Android Enterprise corporate owned fully managed (COBO)

  • Android Enterprise corporate owned dedicated devices (COSU)

Deprecated status in Group Policy Analytics migration readiness report automatically reevaluates your GPOs

Using Group Policy Analytics, you can import your Group Policy Objects (GPOs) to see the settings that are supported in MDM providers, including Microsoft Intune. It also shows any deprecated settings, or settings not available to MDM providers.

The Intune product team updates the mapping logic. When the updates happen, the deprecated settings are automatically reevaluated. Previously, you had to reimport your GPOs.

Applies to:

  • Windows 11

  • Windows 10

Create terms of use for Android (AOSP) user-associated devices

Require Android (AOSP) users to accept your terms and conditions in the Intune Company Portal app before they enroll their devices. This feature is available for corporate-owned, user-associated devices only. For more information about creating terms of use in Intune, see Terms and conditions for user access.

Enforce Azure AD terms of use with Microsoft Intune or Microsoft Intune Enrollment cloud apps

Use the Microsoft Intune cloud app and/or Microsoft Intune Enrollment cloud app to enforce a conditional access, Azure AD Terms of Use acceptance policy on iOS and iPadOS devices during automated device enrollment. This functionality is available when you select Setup Assistant with modern authentication as your authentication method. Both cloud apps now ensure that users accept the terms of use during enrollment and/or during Company Portal sign-in if required by your conditional access policy.

New macOS settings in the Settings Catalog

The Settings Catalog lists all the settings you can configure in a device policy, and all in one place. When you create a Settings Catalog policy, there are new settings available for macOS devices (Devices > Configuration profiles > Create profile > macOS for platform > Settings catalog (preview) for profile type).

New settings include:

  • Domains > Email Domains

  • Printing > Printing:

    • Allow Local Printers

    • Default Printer

      • Device URI

      • Display Name

  • Footer Font Name

  • Footer Font Size

  • Print Footer

  • Print MAC Address

  • Require Admin To Add Printers

  • Show Only Managed Printers

  • User Printer List

    • Device URI

    • Display Name

    • Location

    • Model

    • PPD URL

    • Printer Locked

  • Profile Removal Password > Removal Password

    • Global HTTP Proxy:

    • Proxy Captive Login Allowed

    • Proxy PAC Fallback Allowed

    • Proxy PAC URL

    • Proxy Password

    • Proxy Server

    • Proxy Server Port

    • Proxy Type

    • Proxy Username

For more information about configuring Settings catalog profiles in Intune, see Create a policy using settings catalog.

Monitor and troubleshoot

Remote help is moving in the Microsoft Endpoint Manager admin center

The remote help page in the Microsoft Endpoint Manager admin center has moved and its now available directly under Tenant administration instead of Connectors and tokens. For more information about remote help, see Use remote help.

9 views0 comments


Post: Blog2 Post
bottom of page