Use JIT registration and JIT compliance remediation for all your iOS/iPadOS enrollments
By: Rishita Sarin – Product Manager | Microsoft Intune
In 2022 we began supporting just-in-time (JIT) registration and JIT compliance remediation for Automated Device Enrollment (ADE) and account driven Apple User Enrollment. With the recent Microsoft Authenticator release (version 6.8.13), this capability is now available for all iOS/iPadOS enrollments!
While you may associate JIT Compliance Remediation with new enrollments, this capability also improves the experience for existing enrolled devices.
What is JIT registration and JIT compliance remediation?
JIT registration within the enrollment flow improves the user experience since it no longer requires the Company Portal app for Microsoft Entra registration or compliance checking. By removing the Company Portal requirement, we eliminated extraneous steps, removed required app downloads that can’t be changed, and put an end to switching between apps to get the device compliant, thereby streamlining the user flow.
Additionally, JIT compliance remediation is the embedded flow for users to see their compliance status and a list of actions right within the app that they’re already completing JIT registration within. In the case of noncompliance, this new flow displays the Web Company Portal page with the noncompliance reasoning, eliminating steps and switching between apps, as well as reducing the number of authentications.
Will this help with existing enrolled devices?
Yes, JIT compliance remediation is an improved experience for both newly enrolled and existing devices to remain compliant with their organization’s Conditional Access policies.
Check out the JIT compliance remediation flow in action in the videos below. These videos show the embedded compliance checks of an enrolled device that is non-compliant, and how the user is guided to get their device compliant without any app switching. In this demo, the user lands on the home screen and opens Microsoft Teams to access their messages. They’re blocked by Conditional Access right within the Teams app by the embedded compliance check. The user sees that they need to update their operating system to become compliant and gain access to corporate resources. The user updates their operating system and returns to the Teams app where the compliance page refreshes, and shows the device is now compliant and the messages flow in.
The JIT compliance remediation feature is automatically applied to all devices that have compliance policies targeted to them, that are utilizing JIT registration for iOS/iPadOS devices. Turn on JIT registration and JIT compliance remediation today! Set up just in time registration – Microsoft Intune | Microsoft Learn
For more information on how to set up JIT registration and compliance remediation for ADE and user enrollment, read the blog Just in Time registration and compliance Remediation for iOS/iPadOS with Microsoft Intune.
Microsoft Tech Community – Latest Blogs –Read More