Day zero support for iOS/iPadOS 18 and macOS 15
With Apple’s recent announcement of iOS/iPadOS 18.0 and macOS 15.0 Sequoia, we’ve been working hard to ensure that Microsoft Intune can provide day zero support for Apple’s latest operating systems so that existing features work as expected.
We’ll continue to upgrade our service and release new features that integrate elements of support for the new operating system (OS) versions.
Apple User Enrollment with Company Portal
With iOS/iPadOS 18, Apple no longer supports profile-based User Enrollment. Due to these changes, Intune will end support for Apple User Enrollment with Company Portal shortly after the release of iOS/iPadOS 18, and you’ll need to use an alternate management method for enrolling devices. We recommend enrolling devices with account-driven User Enrollment for similar functionality and an improved user experience. For those looking for a simpler enrollment experience, try the new web-based device enrollment for iOS/iPadOS.
Please note, device enrollment with Company Portal will remain unaffected by these changes.
Impact to existing devices and profiles:
After Intune ends support for User Enrollment with Company Portal:
Existing enrolled devices are not impacted and will continue to be enrolled.
Users won’t be able to enroll new devices if they’re targeted with this enrollment type profile.
Intune technical support will only be provided for existing devices enrolled with this method. We won’t provide technical support for any new enrollments.
New settings and payloads
We’ve continued to invest in the data-driven infrastructure that powers the settings catalog, enabling us to provide day zero support for new settings as they’re released by Apple. The Apple settings catalog has been updated to support all of the newly released iOS/iPadOS and macOS settings for both declarative device management (DDM) and mobile device management (MDM) so that your team can have your devices ready for day zero. New settings for DDM include:
Disk Management
External Storage: Control the mount policy for external storage
Network Storage: Control the mount policy for network storage
Safari Extension Settings
Allowed Domains: Control the domain and sub-domains that the extension can access
Denied Domains: Control the domain and sub-domains that the extension cannot access
Private Browsing: Control whether an extension is allowed in Private Browsing
State: Control whether an extension is allowed, disallowed, or configurable by the user
Software Update Settings
Allow Standard User OS Updates: Control whether a standard user can perform Major and Minor software updates
Software Update Settings > Automatic updates
Allowed: Specifies whether automatic downloads of available updates can be controlled by the user
Download: Specifies whether automatic downloads of available updates can be controlled by the user
Install OS Updates: Specifies whether automatic install of available OS updates can be controlled by the user
Install Security Update: Specifies whether automatic install of available security updates can be controlled by the user
Software Update Settings > Deferrals
Combined Period In Days: Specifies the number of days to defer a major or minor OS software update on the device
Major Period In Days: Specifies the number of days to defer a major OS software update on the device
Minor Period In Days: Specifies the number of days to defer a minor OS software update on the device
System Period In Days: Specifies the number of days to defer system or non-OS updates. When set, updates only appear after the specified delay, following the release of the update
Notifications: Configure the behavior of notifications for enforced updates
Software Update Settings > Rapid Security Response
Enable: Control whether users are offered Rapid Security Responses when available
Enable Rollback: Control whether users are offered Rapid Security Response rollbacks
Recommended Cadence: Specifies how the device shows software updates to the user
New settings for MDM include:
Extensible Single Sign On (SSO) > Platform SSO
Authentication Grace Period: The amount of time after a ‘FileVault Policy’, ‘Login Policy’, or ‘Unlock Policy’ is received or updated that unregistered local accounts can be used
FileVault Policy: The policy to apply when using Platform SSO at FileVault unlock on Apple Silicon Macs
Login Policy: The policy to apply when using Platform SSO at the login window
Non Platform SSO Accounts: The list of local accounts that are not subject to the ‘FileVault Policy’, ‘Login Policy’, or ‘Unlock Policy’
Offline Grace Period: The amount of time after the last successful Platform SSO login a local account password can be used offline
Unlock Policy: The policy to apply when using Platform SSO at screensaver unlock
Extensible Single Sign On Kerberos
Allow Password: Allow the user to switch the user interface to Password mode
Allow SmartCard: Allow the user to switch the user interface to SmartCard mode
Identity Issuer Auto Select Filter: A string with wildcards that can be used to filter the list of available SmartCards by issuer, e.g., “*My CA2*”
Start In Smart Card Mode: Control if the user interface will start in SmartCard mode
Restrictions
Allow ESIM Outgoing Transfers
Allow Personalized Handwriting Results
Allow Video Conferencing Remote Control
Allow Genmoji
Allow Image Playground
Allow Image Wand
Allow iPhone Mirroring
Allow Writing Tools
System Policy Control
Enable XProtect Malware Upload
With the upcoming Intune September (2409) release, the new DDM settings will be:
Math
Calculator
Basic Mode
Add Square Root
Scientific Mode – Enabled
Programmer Mode – Enabled
Input Modes – Unit Conversion
System Behavior – Keyboard Suggestions
System Behavior – Math Notes
New MDM settings for Intune’s 2409 (September) release include:
System Extensions
Non Removable System Extensions
Non Removable System Extensions UI
Web Content Filter
Hide Deny List URLs
More information on configuring these new settings using the settings catalog can be found at Create a policy using settings catalog in Microsoft Intune.
Updates to ADE Setup Assistant screens within enrollment policies
With Intune’s September (2409) release, there’ll be six new Setup Assistant screens that admins can choose to show or hide when creating an Automated Device Enrollment (ADE) policy. These include three iOS/iPadOS and three macOS Skip Keys that will be available for both existing and new enrollment policies.
Emergency SOS (iOS/iPadOS 16+)
The IT admin can choose to show or hide the iOS/iPadOS Safety (Emergency SOS) setup pane that is displayed during Setup Assistant.
Action button (iOS/iPadOS 17+)
The IT admin can choose to show or hide the iOS/iPadOS Action button configuration pane that is displayed during Setup Assistant.
Intelligence (iOS/iPadOS 18+)
The IT admin can choose to show or hide the iOS/iPadOS Intelligence setup pane that is displayed during Setup Assistant.
Wallpaper (macOS 14+)
The IT admin can choose to show or hide the macOS Sonoma wallpaper setup pane that is displayed after an upgrade. If the screen is hidden, the Sonoma wallpaper will be set by default.
Lockdown mode (macOS 14+)
The IT admin can choose to show or hide the macOS Lockdown Mode setup pane that is displayed during Setup Assistant.
Intelligence (macOS 15+)
The IT admin can choose to show or hide the macOS Intelligence setup pane that is displayed during Setup Assistant.
For more information refer to Apple’s SkipKeys | Apple Developer Documentation.
Updates to supported vs. allowed versions for user-less devices
We previously introduced a new model for enrolling user-less devices (or devices without a primary user) for supported and allowed OS versions to keep enrolled devices secure and efficient. The support statements have been updated to reflect the changes with the iOS/iPadOS 18 and upcoming macOS 15 releases:
Support statement for supported versus allowed macOS versions for devices without a primary user.
If you have any questions or feedback, leave a comment on this post or reach out on X @IntuneSuppTeam. Stay tuned to What’s new in Intune for additional settings and capabilities that will soon be available!