Exporteren (0) Afdrukken
Alles uitvouwen

What's new with Microsoft Intune

Bijgewerkt: april 2015

Van toepassing op: Microsoft Intune

Welcome to the Service Updates information for Microsoft Intune. Here you will find information about the latest features and improvements to Intune.

  • Conditional access for On-Premises Exchange now supports devices that run Android.

  • Improvements to the end-user experience for users affected by a conditional access policy.

  • You can now specify the account that will be used to send notification emails about device blocking for a conditional access policy for On-premises Exchange.

  • Major updates to the conditional access documentation to incorporate the latest information.

See Manage access to email and services with conditional access for Microsoft Intune for more information.

You can now deploy software to Windows Phone 8.1 devices in .appx bundle format. For details, see Deploy apps to mobile devices in Microsoft Intune.

Intune adds management settings for Windows Defender. Windows Defender provides malware protection and replaces Endpoint Protection in Windows 10 Technical Preview. See Help secure your computers with Endpoint Protection and Windows Firewall policy for Microsoft Intune for more information.

The All Malware page of the Protection workspace now includes a column that displays Recent Detection Paths. This column lists the last ten locations of the specified malware found on the computer. See How to monitor Endpoint Protection for more information.

The following changes have been made to the company portal apps in this release:

  • Users can now access license terms from within the app

  • The Profile view has been redesigned

  • Bug fixes to improve security

Intune mobile device management can now manage iOS devices purchased through Apple’s Device Enrollment program. This allows for over-the-air management of corporate-owned iOS mobile devices. For details, see Enroll corporate-owned iOS devices in Microsoft Intune.

Administrators can limit the number of devices each user can enroll to be managed with Intune. For details, see “Set device enrollment limits” in Enable mobile device enrollment with the Microsoft Intune Company Portal.

You can now deploy software to Windows Phone 8.1 devices in .appx format. For details, see Deploy apps to mobile devices in Microsoft Intune.

The following changes have been made to the company portal apps in this release:

  • Improved login experience on the Windows and Windows Phone Company Portal apps by using Active Directory Authentication Library (ADAL) Integration

  • Bug fixes

  • Added support for Wi-Fi profiles with passkeys when Intune is used with Configuration Manager

  • Added Support for Remote Lock and Passcode Reset features when Intune is used with Configuration Manager

  • Added a Verbose Logging setting to improve troubleshooting

  • Improved performance of SCEP certificate profiles

  • Bug fixes

  • The new SharePoint Online policy lets you prevent apps from accessing SharePoint Online when the device is not compliant.

Use the new Windows Wi-Fi Import Policy to import a set of Wi-Fi settings (for Windows 8.1 and later) that you can then deploy to device and user groups in your organization.

For details, see Help users connect to company networks using Wi-Fi profiles with Microsoft Intune.

Per-app VPN connections are now supported for iOS devices when the connection type is Cisco AnyConnect.

The following functionality has changed for mobile device security policy settings:

  • When you enable the setting Require automatic updates, you can now also select the minimum category of updates you want to automatically install.

  • The Require encryption on mobile devices setting now supports Windows 8.1. When you enable this setting, users must connect their Microsoft Account to the device.

For details, see Configure security policy for mobile devices in Microsoft Intune.

Added information about the latest apps you can manage by using mobile application management policies to the Control apps using mobile application management policies with Microsoft Intune topic.

Conditional access, introduced in the November 2014 release now contains the following new capabilities:

  • Conditional access policies can now be used to control access to Exchange Online.

  • Create compliance policies that define the rules and settings that a device must comply with to access Exchange On-premises and Exchange Online.

For details, see Manage access to email and services with conditional access for Microsoft Intune.

Enroll corporate-owned iOS devices in Microsoft Intune. With this enrollment method users cannot un-enroll or factory reset the device. The administrator preconfigures iOS devices in one of two ways:

  • Sets up the devices for enrollment and then distributes each device to a single user, also known as “choose your own device” (CYOD)

  • Enrolls the device to be user-less and shared amongst a group of users such as point-of-sale devices in a restaurant

Managed mobile apps work with mobile application management policies to restrict certain app operations such as copy and paste, or screenshot functionality.

For mobile device settings that cannot be configured by a mobile device security policy, you can create custom policies for iOS devices that you have exported from the Apple Configurator tool. For details, see Use iOS custom policies to manage device settings with Microsoft Intune.

For devices that run Windows Phone, you can create and deploy a policy that contains OMA-URI settings to control features on the device.

A new report, Device History, lets you view a record of retire, wipe and delete actions. You can use this report to see who initiated actions on devices in the past.

In addition to the following, review Requirements for Microsoft Intune for recent changes.

With this release, Windows Intune is now called Microsoft Intune.

A number of improvements have been made to the Intune admin console including a new Dashboard page that provides quick access to status details that help you manage Intune and find details about your managed devices. For details about the admin console, see Reference for the Microsoft Intune administrative consoles.

Configuration policies provide the following capabilities:

  • Compliant and noncompliant apps – Lets you specify a list of apps that users can, and cannot install.

  • Kiosk mode - Lets you to lock a device to only allow certain features to work. For example, you can allow a device to only run one managed app that you specify, or you can disable the volume buttons on a device.

For details, see Manage devices using configuration policies with Microsoft Intune.

  • When you publish terms and conditions, your users will see these when they first use the company portal from any device, whether or not that device is already enrolled. Users will have to accept those terms to access the portal. For details, see About Terms and Conditions.

Email profiles help you create, deploy and monitor Exchange ActiveSync email settings on devices. This lets user’s access corporate email on their personal devices without any required setup on their part. For more information, see Enable access to corporate email using email profiles with Microsoft Intune.

New policy settings have been added to help you manage more features on your managed mobile devices. For more information, see Mobile device management capabilities in Microsoft Intune.

Windows Phone 8.1 is now supported. Windows Phone 8.1 which comes with support for new policy settings.

Android Samsung KNOX is now supported and supports selective wipe.

You can now wipe EFS-enabled content such as content relating the Mail app for Windows. For more information, see Help protect your data with remote wipe, remote lock, or passcode reset using Microsoft Intune.

You can lock mobile devices remotely and also reset the passcode. For more information, see Help protect your data with remote wipe, remote lock, or passcode reset using Microsoft Intune.

Intune now allows you to configure an app as a featured app. This app will then be displayed prominently in the company portal. For more information, see Deploy apps to mobile devices in Microsoft Intune.

In the previous release of Intune, Microsoft Intune Endpoint Protection was only installed if a policy was created to require this installation on newly enrolled clients. In the current release of Intune, the endpoint protection client is installed on computers with Intune, unless a policy is created to prevent this installation. This change was made in response to customer feedback, and to better secure computers running Intune. For more information, see Help secure your computers with Endpoint Protection and Windows Firewall policy for Microsoft Intune.

New policy settings have been added to help you manage more features on your inventoried mobile devices. For more information, see Manage mobile devices with Microsoft Intune.

A new report type has been added specifically to report on inventoried mobile devices in your organization. For more information, see Manage reports in Microsoft Intune.

Intune now allows you to deploy a shortcut to an application on the Web to your devices. For more information, see Get started with app deployment in Microsoft Intune.

Intune now lets you enroll Android devices for direct management. For more information, see Start managing Android devices with Microsoft Intune.

Intune now supports Windows 8.1 devices, including Windows Professional, Surface, Surface Pro, and Windows Phone.

Devices running Windows 8.1 and Windows RT 8.1 can now enable Device Management and automatically enroll and install apps. For more information, see Enable mobile device enrollment with the Microsoft Intune Company Portal.

The default “Ungrouped Devices” group, which was removed in a previous version, is back. Newly enrolled devices are automatically assigned to this group.

iOS devices can now use their own fully featured company portal app, instead of the mobile web app.

Two new policy settings have been added to help administrators streamline client agent updates:

  • Prompt user to restart Windows during Microsoft Intune client agent mandatory updates.

  • Microsoft Intune client agent mandatory updates installation schedule, with the parameters Day scheduled, and Time scheduled.

A new value has been added to the Intune Agent policy setting Install Endpoint Protection. The new value is No, and is the default value.

noteOpmerking
This behavior is different than previous version of Intune, where Intune Endpoint Protection was installed automatically during client installation. After upgrading, you may need to create a new policy to ensure that new clients will have Endpoint Protection installed, and that existing clients will continue to receive updates. .

With this update, you can now configure the Intune Exchange Connector to connect directly from your Intune service to your hosted Exchange environment, without downloading additional software. .

This tool makes it easy to try out Windows Phone 8 device management using Microsoft System Center 2012 Configuration Manager during your Intune subscription trial period, without having to procure a Symantec certificate. This tool contains:

  • A script that populates a sample Application Enrollment token.

  • A sample Windows Phone 8 company portal app.

  • Two sample applications that can be used for Windows Phone 8 software distribution scenarios.

The Support Tool for Intune Trial Management of Window Phone 8 can be downloaded from the Download Center.

With this security update, once you log in to the Intune administrator console, your session will become invalid after eight hours and you will be prompted to log in again.

With this update, you can now scan a Microsoft Tag or bar code and automatically navigate to the app details page in the Windows 8 or Windows RT company portal app. If the company portal app is not installed, you will be prompted to install it.

With this update, you can now configure the Intune Exchange connector to connect to your hosted Exchange environment in Office 365. For more information, see Set up mobile device management using Exchange ActiveSync in Microsoft Intune

With this update you can share an app with another person by selecting Share from the app details page. This will send an email with a direct link to the app details page. You do not need to have the app installed yourself to share the app.

With this update, you can now scan a Microsoft Tag or bar code and automatically navigate to the app details page in the Windows Phone 8 company portal app. If the company portal app is not installed, you will be prompted to install it.

Zie ook


To navigate Intune documentation on TechNet, see the Intune Site Map. Want to try Intune? Sign up for a 30-day trial.
Vindt u dit nuttig?
(1500 tekens resterend)
Bedankt voor uw feedback
Weergeven:
© 2015 Microsoft