Posted in

Microsoft Intune Enhances Apple Device Management with Streamlined Enrollment and Advanced Security Features

by ailona

Microsoft Intune simplifies Apple device management with streamlined enrollment methods for personal and corporate devices. From web enrollment to Automated Device Enrollment (ADE), Intune enhances security and compliance while reducing setup time—empowering IT admins to efficiently manage Apple devices in any organization.

Understanding Apple Enrollment Methods in Microsoft Intune

If you manage Apple devices in your organization, Microsoft Intune offers powerful enrollment options. These methods streamline device management while keeping security tight. Let’s break down what’s new and important for tech pros.

What’s New in Apple Device Enrollment?

Microsoft Intune recently rolled out web enrollment for Apple devices running iOS/iPadOS 15 and later. This method doesn’t require users to install the Company Portal app, speeding up the enrollment process significantly. It keeps all the benefits of traditional enrollment but cuts down on user friction and latency.

“We strongly encourage you to take advantage of web enrollment for a faster and more efficient enrollment process for your users.”

Additionally, Intune introduced just-in-time (JIT) registration and compliance remediation for iOS/iPadOS enrollments. These features enhance user experience by simplifying registration and ensuring compliance automatically.

Major Enrollment Methods Explained

Personal Owned Devices (BYOD)

For BYOD scenarios, Intune supports two main enrollment types:

  • Profile-based Device Enrollment (previously User Enrollment): Secures the entire personal device and supports app takeover.
  • Web Enrollment: Recommended for iOS/iPadOS 15+, it offers the same security without needing the Company Portal app.

Note that older methods like Profile-based User Enrollment and User Enrollment with Company Portal ended support in 2024.

Corporate Owned Devices

For corporate devices, Intune uses Automated Device Enrollment (ADE), formerly known as Device Enrollment Program (DEP). ADE can enroll devices with or without user affinity:

  • With user affinity: Devices are tied to users who can access apps via Company Portal.
  • Without user affinity: Ideal for kiosks or shared devices without local user data.
  • Shared mode (iOS/iPadOS only): For frontline or shared worker scenarios.

Why These Updates Matter

These enrollment improvements reflect Microsoft’s focus on reducing complexity and enhancing security. By removing the mandatory Company Portal app for some methods, users get a smoother onboarding experience. Meanwhile, admins gain flexible tools to manage diverse device types efficiently.

“By bringing the enrollment experience to where the user is, we help them get productive faster and ensure a smoother transition.”

Moreover, upcoming Company Portal enhancements like the user-less app catalog will further empower frontline workers and simplify device management.

Final Thoughts

If you’re managing Apple devices with Microsoft Intune, take advantage of web enrollment and JIT registration now. These features speed up onboarding and keep devices compliant effortlessly. Stay tuned for more updates, especially if you support frontline workers.

For hands-on guides and community support, visit the Microsoft Intune admin center or connect with the Intune Support Team on social channels.

  • Intune installs an MDM certificate during enrollment to enforce organizational policies.
  • Web enrollment supports iOS/iPadOS 15+ without needing the Company Portal app, speeding up setup.
  • Automated Device Enrollment (ADE) offers flexible options for user-affiliated and shared corporate devices.
  • Just-in-time (JIT) registration and compliance remediation improve user experience and compliance.
  • Upcoming Company Portal updates include a user-less app catalog for frontline worker scenarios.

    • From the Intune Customer Success articles