Microsoft has just announced some new mobile applications features for their Intune service that will benefit the mobile enterprise. The MDM and MAM service is part of Microsoft’s enterprise mobility management suite and this upgrade to Intune should help expand their grip on the MDM and MAM industry.
This eBook explains how IT can streamline technology practices to:
- Save money
- Ensure your hiring and retaining best employees
- Positively impact culture
Here are the updates from the Microsoft Intune Website:
- The Rights Management sharing app is supported for Android.
Intune administrators can deploy mobile application management policies so end users can view images, AV, and PDF files more securely, whether or not IT uses Intune to manage the devices.The RMS Sharing app is being updated with support for Microsoft Intune on Android. In addition to being able to deploy the iOS RMS Sharing app with Intune MAM protection, IT Pros will be able to deploy the RMS Sharing app to Android devices to allow their users to securely view image, AV, and PDF files, while ensuring that corporate data stays secure using mobile application management policies with or without device management.
- MAM user compliance.
You can now view the status of your application management policies for any user in your Azure Active Directory (AAD) tenant. This includes:
- Apps on the device
Checked in: Indicates the policy was deployed to the user, and app was used in work context, and successfully received the policy.
Not checked in: Indicates the policy was deployed to the user, but app has not been used in the work context since then.
- MAM controls to prevent Outlook contacts sync (Android).
A new setting is available for mobile application management without device enrollment. This setting allows you to prevent an application from syncing contacts to the native address book on Android devices. When this setting is enabled, targeted applications will no longer be able to save contacts to the native address book. When this setting is disabled, targeted applications will be able to save contacts to the native address book. When you remotely wipe a device or app, contacts that have already been saved to the native address book will be removed. This new setting is supported initially by the Outlook application on Android devices.
- Phone number identification for corporate-owned devices. Phones that are categorized as “Corporate” are now identified with their full phone number when, for example, you run a mobile device inventory report. BYOD phone numbers continue to be masked with ****, with only the last 4 digits displayed.
Android Company portal app
Users who have not enrolled their device in Intune and who do not have the correct certificate installed will not be able to sign in to the Android Company Portal app and will see the message, “You cannot sign in because your device is missing a required certificate.” The message includes a “How to resolve this” link that users can tap to see instructions for installing the certificate. To see the steps that end users follow to resolve the issue, see Your device is missing a required certificate.
iOS Company Portal app
Support has been added for the pull-to-refresh action to refresh the content on the home screen, which includes listed apps, listed devices, and IT contact information. The pull-to-refresh action does not check compliance or policy information, which can be done by selecting the tile for your current device and tapping the Sync button.
Windows 10 Mobile and Windows Phone 8.1 Company Portal app
When end users are installing line-of-business apps, they will now see an improved app installation experience. If the app installation is taking a long time, users can manually sync their device to force the sync process to resume. To review the end-user instructions, see Sync your device manually to speed up app installations.
Company Portal website
When Windows 10 Mobile and Windows Phone 8.1 users are installing line-of-business apps, they will now see the following new statuses, which provide them with more detail about the status of their installation:
- Waiting for device to sync – the user has tapped “Install” and the device now tries to sync with the Intune infrastructure. The sync is required before the installation can complete. The “Waiting for device to sync” message is also a link that users can tap to seeinstructions on how to manually sync their device with Intune if the sync process is taking a long time or gets stalled.
- Downloading – the user’s download request is being processed and the device is downloading and installing the app.
Before these statuses were added, users got confused if an app installation took a long time, because they saw only an “Installing” status, which might remain on the screen for hours. Adding the new statuses means that, instead of calling support, users can now tap the “Waiting for device to sync” link and follow the instructions to force the sync process to resume.
Changes to Device Enrollment Managers accounts. To improve performance and scale, Intune will no longer show all Device Enrollment Managers (DEM) devices in the My Devices pane of the Company Portal app. Only the local device running the app is displayed, and only if it is enrolled via the Company Portal app. The DEM user may perform actions on the local device, but remote management of other enrolled devices can only be performed from the Intune admin console. Additionally, Intune will deprecate using DEM accounts with either the Apple Device Enrollment Program or the Apple Configurator tool. Both these enrollment methods already support user-less enrollment for shared iOS devices. Only use DEM accounts when user-less enrollment for shared devices is unavailable.