Let’s discuss the Microsoft Intune Evolution over 10 Years as an Intune Admin. I started testing Intune back in 2012, and this blog post is about my experience with Intune Evolution.
I think Microsoft released the first beta of Microsoft Intune (Codename Florida) back in April 2010. Intune is the successor to the never-released System Center Online Desktop Manager project.
My first post about Intune is “How to Add or Upload Software Apps to Microsoft Intune.” Intune started with the Silverlight console and was moved to the Azure portal after seven years of beta release.
The best part of Intune’s evolution (in my experience) is that Microsoft is NOT in a rush to adopt features from other MDM solutions in the market. Instead, they have a clear strategy to add each feature to Intune correctly (by not hacking around the system).
- 2405 Microsoft Intune New Features May Update
- 2404 Microsoft Intune New Features April Update
- 2403 Microsoft Intune New Features March Update
Table of Contents
Microsoft Intune Evolution Over 10 Years Intune Admin – Intune Graph API Evolution
I assume most of the innovations in Intune device management solutions were blocked because of Silverlight’s infrastructure. The Intune Silverlight infrastructure was a backbox for most developers and admins, and there were no public APIs to connect to.
Once Intune is migrated to the Azure portal, we can have a programmatic way of accessing data. Intune Graph API enables automation of application policy deployments. More details about Intune Graph API are available in the following post, “How to Fetch Intune and Azure AD details from Microsoft Graph API“.
Intune OS Version and Application Deployment Support Evolution
Intune started with Windows 7 device management support and evolved over the years to support all OS versions except Linux, Windows Server, and Unix. Intune supports all the mobile OS versions apart from Blackberry and Symbian (if I’m not wrong).
Over the years, Intune has added support for the deployment of various types of applications, such as Windows Installer (*.exe, *.msi), App Package for Android (*.apk), Windows Phone app package (*.xap, .appx, .appxbundle), Windows app package (.appx, .appxbundle), Windows Installer through MDM (*.msi), and external store apps.
Intune still doesn’t support complex MSI package and APP-V package deployments. Is this in their roadmap? I’ve no clue, but I assume it depends on Microsoft’s strategy toward APP-V technology.
Intune Client App and Security Policy Management Evolution
The need for Intune MSI client installation is eliminated with the release of Windows 10 operating systems and MDM channel management. We must still use the Intune MSI client to manage Windows 7 machines.
I hope to have fewer client health-related issues because Intune uses a built-in MDM channel to manage Windows devices.
Intune application management policies and security management policies have evolved over the years. This helped organizations (small and medium) concentrate on Intune cloud solutions rather than investing in on-prem AD and SCCM infrastructure.
Application and security management policies are available in the market for all three major OS versions (iOS, Android, and Windows). Will Intune security policies replace Windows Group Policies (GPO)? I don’t know at this point, but I believe Intune will be capable of doing that in the future (4+ years ?).
Intune Compliance Policy and OSD Evolution
Intune and Azure AD native integration is the best advantage of modern device management solutions. Azure AD conditional access (CA) and Intune compliance policies are the best examples of this integration. I believe no device management solution in the market could provide this finely tuned integration.
Windows OS deployment was not within the scope of Intune device management at any stage of its development. However, Microsoft’s vision for the Windows 10 AutoPilot solution/strategy will explain why the OSD was not part of Intune. Windows 10 AutoPilot is a Zero-touch deployment of Windows 10 devices.
Intune MAM without MDM and SCCM Integration Evolution
Intune MAM (Mobile Application Management) without MDM and device restriction policies are very helpful for enterprises. MAM without MDM will help us manage and protect corporate applications’ data.
Intune device restriction policies will help us block devices from enrolling in the corporate environment when they do not meet security, OS version, or other specified requirements.
SCCM integration evolutions with Intune in the hybrid scenario are another excellent example of Intune evolution. SCCM and Intune started supporting the integration with the SCCM 2012 R2 version.
Recently, Microsoft started supporting MDM authority change without impacting enrolled devices. Microsoft is also trying to bridge the GAPs between modern and traditional device management solutions.
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.