Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements

Today, I will explore the details of Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features. Day-zero support, also known as same-day support, confirms that software solutions are compatible with the latest operating system versions when those updates are accessible to the public.

According to a recent Apple announcement regarding the release of iOS/iPadOS 18.0 and macOS 15.0 Sequoia, Microsoft Intune has made significant attempts to ensure day-zero support for the latest operating systems. They are committed to revising their service and introducing new features to support the latest OS versions.

After the release of iOS/iPadOS 18, Intune will not support Apple User Enrollment with Company Portal. In iOS/iPadOS 18, Apple will no longer support profile-based User Enrollment, and Microsoft will end support for Apple user enrollment with Company Portal.

As a result, an alternate management method for enrolling devices is suggested to achieve similar functionality and an improved user experience. This post will discuss the alternate management methods for Day-Zero Support for iOS/iPadOS 18 and MacOS 15, as given below.

Patch My PC
[sibwp_form id=2]

What are the Consequences of Existing Devices and Profiles?

Day-Zero Support for iOS/iPadOS 18 and macOS 15

After Intune ends support for User Enrollment with Company Portal, existing devices will not be affected and will continue to be enrolled. However, users will no longer be able to enrol in new devices if targeted with this enrollment type profile. With this method, Intune technical support will be available only for existing devices enrolled, and no support will be provided for new enrollments.

Alternate Management Method for Enrolling Devices

Account-driven user enrolment and web-based device enrollment are the two alternate management methods for enrolling devices. Account-driven user enrolment offers a quicker and more user-friendly enrollment experience than the Company Portal enrollment.

The new web-based device enrollment for iOS/iPadOS offers a more straightforward and efficient process, ensuring a continuous onboarding experience.

Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements

Microsoft has supported data-driven infrastructure to provide day-zero backing for new settings released by Apple. The Apple settings catalog now supports the latest iOS/iPadOS and macOS settings for declarative device management (DDM) and mobile device management (MDM). This ensures your team’s devices are ready for Day-Zero Support for iOS/iPadOS 18 and macOS 15.

Adaptiva
Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements - Fig.1
Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements – Fig.1

Declarative Device Management (DDM)

Declarative Device Management enhances device management. It agrees that devices should apply settings and report status to the MDM solution without regular polling. It also ensures data security with no internet connectivity.

Let’s check what are the new settings available for DDM:

New settings available for DDMSpecifications
Disk ManagementExternal Storage
Network Storage
Safari Extension SettingsAllowed Domains
Denied Domains
Private Browsing
State
Software Update SettingsAllow Standard User OS Updates
Software Update Settings > Automatic updatesAllowed
Download
Install OS Updates
Install Security Update
Software Update Settings > DeferralsCombined Period In Days
Major Period In Days
Minor Period In Days
System Period In Day
Notifications
Software Update Settings > Rapid Security ResponseEnable
Enable Rollback
Recommended Cadence
Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements – Table 1

In the forthcoming September (2409) release of Intune, new DDM settings will be established:

  • Calculator
  • Basic Mode
  • Add Square Root
  • Scientific Mode – Enabled
  • Programmer Mode – Enabled
  • Input Modes – Unit Conversion
  • System Behavior – Keyboard Suggestions
  • System Behavior – Math Notes

MDM (Mobile Device Management)

Apple has always presented tools for businesses and schools to meet organisational needs. The MDM (Mobile Device Management) is necessary for controlling devices and is combined directly into macOS, iOS, and TVOS. The current MDM protocol is reactive and imperative.

Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements - Fig.2
Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements – Fig.2

New settings for MDM, including

  1. Extensible Single Sign On (SSO) > Platform SSO
    • Authentication Grace Period
    • Login Policy
    • FileVault Policy
    • Unlock Policy
    • Non-Platform SSO Accounts
    • Offline Grace Period
  2. Extensible Single Sign On Kerberos
    • Allow Password and SmartCard
    • Start In Smart Card Mode
    • Identity Issuer Auto Select Filter
  3. Restrictions
    • Allow iPhone Mirroring, ESIM Outgoing Transfers, Image Wand, Personalized Handwriting Results, Writing Tools, Video Conferencing Remote Control, Genmoji and Image Playground.
  4. System Policy Control
    • Enable XProtect Malware Upload

In the upcoming September (2409) release of Intune, new MDM settings will be introduced:

System ExtensionsWeb Content Filter
Non Removable System ExtensionsHide Deny List URLs
Non Removable System Extensions UI
Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements – Table 2

Updates to ADE Setup Assistant Screens within Enrollment Policies

ADE, which stands for Automated Device Enrollment, was formerly known as the Device Enrollment Program (DEP) by Apple. ADE enables you to enrol multiple iOS/iPadOS/macOS devices without a user interface and configures the devices to be in supervisory mode. After enrollment, users cannot remove the enrollment profile, and the only supported method to exit enrollment is to wipe the device.

In the September release (2409) of Intune, administrators can display or hide six new Setup Assistant Screens when making an Automated Device Enrolment (ADE) policy. These screens will involve three macOS Skip Keys and three iOS/iPadOS, and they will be available for existing and new enrollment policies.

Six New Setup Assistant ScreensDescription
1. Emergency SOS (iOS/iPadOS 16+)The IT admin can show or hide the iOS/iPadOS Safety (Emergency SOS) setup pane demonstrated during Setup Assistant.
2. Action button (iOS/iPadOS 17+)The IT admin can show or hide the iOS/iPadOS Action button configuration pane displayed during Setup Assistant.
3. Intelligence (iOS/iPadOS 18+)The IT admin can show or hide the iOS/iPadOS Intelligence setup pane displayed during Setup Assistant.
4. Wallpaper (macOS 14+)The IT admin can show or hide the macOS Sonoma wallpaper setup pane displayed after an upgrade. If hidden, the Sonoma wallpaper is set by default.
5. Lockdown mode (macOS 14+)The IT admin can show or hide the macOS Lockdown Mode setup pane displayed during Setup Assistant.
6. Intelligence (macOS 15+)The IT admin can show or hide the macOS Intelligence setup pane displayed during Setup Assistant.
Intune Fully Supports iOS iPadOS 18 and macOS 15 New Features and Enhancements – Table 3

Updates to Supported vs. Allowed Versions for Devices without a Primary User

Microsoft has updated the model for enrolling devices without a primary user (user-less devices) in supported OS versions to preserve the security and productivity of enrolled devices. The support statements now include the iOS/iPadOS 18 changes and the upcoming macOS 15 releases.

Resources

We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.

Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.