Enroll macOS in Intune: A Step-by-Step Guide for Beginners (2024)

FAQs

Enroll macOS in Intune: A Step-by-Step Guide for Beginners? ›

To create an enrollment profile, click the Add button at the bottom of the Profile Manager sidebar, then choose Enrollment Profile from the pop-up menu. To restrict the use of the enrollment profile to devices for which you entered a placeholder record, turn on “Restrict use to devices with placeholders.”

To create an enrollment profile, click the Add button at the bottom of the Profile Manager sidebar, then choose Enrollment Profile from the pop-up menu. To restrict the use of the enrollment profile to devices for which you entered a placeholder record, turn on “Restrict use to devices with placeholders.”

Enroll your macOS device with the Intune Company Portal app to gain secure access to your work or school email, files, and apps. Organizations typically require you to enroll your device before you can access proprietary data. After your device is enrolled, it becomes managed.

Account editing: Microsoft Intune does not allow administrators to edit user accounts in the program's interface. Endpoint Manager allows users to manage accounts across its suite from its admin center.

Intune requires Android 8. x or higher for device enrollment scenarios and app configuration delivered through Managed devices app configuration policies. This requirement does not apply to Microsoft Teams Android devices as these devices will continue to be supported.

In the Microsoft Intune admin center, go to Devices > macOS > macOS enrollment. Select Enrollment program tokens. Select Add. Select I agree to grant permission to Microsoft to send user and device information to Apple.

All Mac enrollments in Intune are considered user-approved. User-approved enrollment lets you manage macOS devices that aren't part of Apple School Manager or Apple Business Manager. It provides the same level of control as supervised macOS devices enrolled using Automated Device Enrollment or Apple Configurator.

How to install MDM profile on Mac? ›

Locate the mail message or website that contains the configuration profile, and download it to your Mac. Your Mac should recognize the file and go to System Preferences > Profiles for you. Click Show Profile to view the profile, or click Continue to install the profile.

Whether you manually add users or synchronize from your on-premises Active Directory, you must first assign each user an Intune Plan 1 license before users can enroll their devices in Intune.

Add a device to your Microsoft account

Download Microsoft Edge from the Apple App Store and sign in with your Microsoft account. Go to account.microsoft.com/devices, select Register device, then follow the instructions.

In the Intune admin center, create an enrollment profile. Select Enroll without user affinity (user-less devices or shared devices). With user-less devices: Users can't use apps that require a user, including the Company Portal app.

The Device Enrollment Program (DEP) helps businesses easily deploy and configure Apple devices. DEP provides a fast, streamlined way to deploy organization-owned iPad and iPhone devices, Mac computers, and Apple TV purchased directly from Apple or participating Apple Authorized Resellers or carriers.

What are the five phases in the Microsoft Intune application lifecycle? ›

There are two parts to compliance policies in Intune: Compliance policy settings – Tenant-wide settings that are like a built-in compliance policy that every device receives.

Microsoft Intune is our cloud-based unified endpoint management solution and has become a market leader – managing endpoints across Windows, Android, Mac, iOS, and now Linux operating systems.

Microsoft Intune new name. Effective October 12, 2022, Microsoft Intune becomes the name of the endpoint management family with the name Microsoft Endpoint Manager no longer being used.

Microsoft Intune is solely a cloud technology by Office 365. It is also known as cloud variant of SCCM, but it is NOT equivalent to SCCM. When it comes to Intune vs SCCM, SCCM is a much more powerful tool than Intune as a service for business users.

Requires macOS 10.15 and newer. Network volumes: Your options: Not configured: Intune doesn't change or update this setting.

As a cloud-only service, Intune doesn't require an on-premises infrastructure such as servers or gateways.

What are the device features of Intune macOS? ›

Intune includes built-in settings to customize features on your macOS devices. For example, administrators can add AirPrint printers, choose how users sign in, configure the power controls, use single sign-on authentication, and more.

Approving the MDM Profile

From the Apple menu, launch 'System Preferences'. Click on 'Profiles'. Select the 'MDM Profile' and press 'Approve' (or 'Install' on newer operating systems).

Sign in to the Microsoft Intune admin center. Navigate to Devices > Scripts and select a macOS shell script.

How Do I Know If My Mac Has MDM? It's easy to check whether your Mac has an MDM. Simply go to “System Preferences”. If you don't see a section as “Profiles” or “Profiles & Device Management”, then you don't have any MDM on your Mac.

Select this option only when the corporate data on the devices in the profile should be managed. Device Enrollment. Select this option when the devices in the profile should be fully managed.

Open System Preferences on your mac by clicking on the Apple icon in the top left corner and selecting "System Preferences..." from the drop-down list. Find the Profiles icon and click on it. Find "MDM Profile" in the list on the left and click on it.

Apple also restricts multiple MDM profiles on a device. Therefore, you can't install one MDM profile on top of another. When you migrate macOS devices to a new MDM, you'll need to send a command from the original MDM to remove the management profile from devices.

MDM lets you securely and wirelessly configure devices by sending profiles and commands to the device, whether they're owned by the user or your organization. MDM capabilities include updating software and device settings, monitoring compliance with organizational policies, and remotely wiping or locking devices.

During device enrollment: Your device enrolls in Microsoft Intune, a mobile device management provider, and registers with your organization. This step ensures that you're authorized to access your organization's email, apps, and Wi-Fi. Your organization's device management policies are applied to your device.

What is the process of enrolling a device into the system? ›

Enroll device

Enter the username and password for your work account. If you followed the create a user and assign a license evaluation step, you can use the user account that you created. Wait for your device to finish registering. When you see the You're all set!

Sign in to the Microsoft Intune admin center and choose Devices > Android > Android enrollment > Corporate-owned devices with work profile. Choose Create profile and fill out the fields. Name: Type a name that you'll use when assigning the profile to the dynamic device group.

How long does the Intune Enrollment process take? We ask for your time and patience as the enrollment process can take up to 30 minutes.

A device enrollment manager (DEM) is a non-administrator user who can enroll devices in Intune. Device enrollment managers are useful to have when you need to enroll and prepare many devices for distribution.

By enrolling your device in Intune, you get secure access to work or school apps on your mobile device, and access to apps in Intune Company Portal.

Self-Deploying mode then automatically joins your devices with your company's Azure AD tenant, which can perform MDM enrolment using Microsoft Intune and deploy your pre-set applications, certificates, policies and profiles without any need for additional IT input.

Android. Intune requires Android 8.

Microsoft Intune supports Android, Android Open Source Project (AOSP), iOS/iPadOS, macOS, and Windows client devices. With Intune, you can use these devices to securely access organization resources with policies you create.

iOS, iPadOS, macOS, and tvOS have a built-in framework that supports mobile device management (MDM). MDM lets you securely and wirelessly configure devices by sending profiles and commands to the device, whether they're owned by the user or your organization.

What is the minimum OS version for Intune? ›

All new Apple devices will also require a minimum of iOS/iPadOS version 14 or higher to successfully enrol to Intune. Local Administrators can view the OS version of all devices from the “Devices” section of the Intune Admin Console.

Intune device limit restrictions

You can allow a user to enroll up to 15 devices.

During enrollment, Intune installs an MDM certificate on the enrolling device. The MDM certificate communicates with the Intune service, and enables Intune to start enforcing your organization's policies, such as: Enrollment policies that limit the number or type of devices someone can enroll.

Remove in device Settings app

Open the Settings app. Go to Accounts > Access work or school. Select the connected account that you want to remove > Disconnect. To confirm device removal, select Yes.

On a Mac, the bypass code can be entered by clicking Recovery Assistant in the menu bar and selecting the “Activate with MDM key” option.