Intune Service Release 2207 New Features | MEM

This post will show the new features released in Microsoft Intune Service Release 2207. Microsoft release updates as frequently as every week. Here specifically, you will get an overview of Intune monthly release updates.

Every update contains new features, bug fixes, and, most importantly, new capabilities. It allows you to try out new features and provide the best experience. You can get more information about updates by knowing the Intune service release.

The Service Release number in the Tenant Status blade in your console shows the released update. The new features are publicly available and provide an overview of the current release. This is published once Microsoft starts rolling out the admin UI updates in the console.

Patch My PC

Microsoft Endpoint Manager Intune service release 2207 includes two key security and user improvements, including the return of several capabilities in Windows Autopilot and support for enhanced security options for Automated Device Enrollment (ADE).

Intune Service Health messages keep all health messages for the Intune service in one place. The health page is designed to inform you about known issues so you can troubleshoot issues your users may be experiencing and determine when and at what scale, to deploy an update in your organization.

Intune Monthly Update Details

The update and some features may roll out over several weeks and might not be available to all customers in the first week. The order and duration vary.

Each monthly update may take up to three days to rollout and will be in the following order –

  • Day 1: Asia Pacific (APAC)
  • Day 2: Europe, Middle East, Africa (EMEA)
  • Day 3: North America
  • Day 4+: Intune for Government

Check Microsoft Intune Service Release Version

The following steps help you to check Intune service release version of your tenant –

  • Under the Tenant Details tab, you will see the current service version for your account under “Service Release”. You can see the Intune Service release 2207 indicating the latest released version.

Intune Service Release Version numbers are named based on the YYMM format. For example, Here Service release version is 2207!” It means this version is released in July 2022.

Note – The service release number is a link that opens the What’s new in Intune article on Microsoft docs. Here you can get information about the latest features and updates to the Intune service.

Service Release - Microsoft Intune Service Release 2207 New Features
Service Release – Microsoft Intune Service Release 2207 New Features

New Features In Microsoft Intune Service Release 2207 – July 2022 Update

Let’s check the new features and improvements added to Intune Service Release 2207, July 2022 Update –

New Search Feature in Preview Devices for Intune Filters

Starting with Intune Service Release 2207, In the Microsoft Endpoint Manager admin center, you can create filters, and then use these filters when assigning apps and policies (Devices > Filters > Create).

When you create a filter, you can select Preview devices to see a list of enrolled devices that match your filter criteria. In Preview devices, you can also search through the list using the device name, OS version, device model, device manufacturer, user principal name of the primary user, and device ID.

Learn how to use Intune Filters For Assigning Apps Policies And Profiles In Intune Portal

Intune Filters Preview Devices - Microsoft Intune Service Release 2207 New Features
Intune Filters Preview Devices – Microsoft Intune Service Release 2207 New Features

New Hardware Details Available for Individual Devices Running on iOS/iPadOS and macOS

Starting with Intune Service Release 2207, Microsoft Intune now collects the Product Name attribute for iOS, iPadOS, and macOS so you can see your exact device model. This information can be used for understanding device replacement or OS version support.

In MEM Admin Center, Select Devices > All devices > select one of your listed devices and open its Hardware details. The following new detail is available in the Hardware pane of individual devices:

  • Product name: Shows the product name of the device, such as iPad8,12. Available for iOS/iPadOS and macOS devices.
Hardware Details Available for Individual Devices Running on iOS/iPadOS and macOS - Credit Scott Breen
Hardware Details Available for Individual Devices Running on iOS/iPadOS and macOS – Credit Scott Breen

New iOS/iPadOS and macOS settings available in the Settings Catalog

The Intune Settings Catalog lists all the settings you can configure in a device policy all in one place. There are new settings available in the Settings Catalog (Devices > Configuration profiles > Create profile > Platform iOS/iPadOS or macOSSettings catalog for profile type).

 iOS/iPadOS and macOS settings Catalog - Intune Service Release 2207 New Features
iOS/iPadOS and macOS settings Catalog – Intune Service Release 2207 New Features

iOS/iPadOS Settings 

  • Networking > Cellular
  • User experience > Notifications
  • Printing > Air Print
  • App Management > App Lock
  • Networking > Domains
  • Networking > Network Usage Rules
  • Restrictions

macOS Settings 

  • System configuration > System extensions:
    • Removable System Extensions
  • System configuration > System extensions:
    • Allow User Overrides
    • Allowed System Extension Types
    • Allowed System Extensions
    • Allowed Team Identifiers

Remote Help Version: 4.0.1.12 Release

The Remote Help application is the client-side app that helps take control of the remote computer managed by Intune and assists the end-users.

Starting with Intune Service Release 2207, With Remote help 4.0.1.12 various fixes were introduced to address the ‘Try again later’ message that appears when not authenticated. The fixes also include an improved auto-update capability.

Detailed blog about the Intune Remote help solution – New Intune Remote Help Solution Available With Intune MEM Admin Center.

Initiate Compliance Checks for your AOSP devices from the Microsoft Intune App

Starting with Intune Service Release 2207, You can initiate a compliance check for your AOSP devices from the Microsoft Intune app.

Navigate to Device details. This feature is available on devices that are enrolled via the Microsoft Intune app as user-associated (Android) AOSP devices.

Monitor Bootstrap escrow Status on a Mac

You can monitor the bootstrap token escrow status for an enrolled Mac in the MEM admin center, Starting with Intune Service Release 2207. A new hardware property in Intune, called Bootstrap token escrowed, reports whether or not a bootstrap token has been escrowed in Intune.

Enable Common Criteria mode for Android Enterprise Devices

For Android Enterprise devices, you can use a new setting, Common Criteria mode, to enable an elevated set of security standards typically used by only highly sensitive organizations, such as government establishments.

The new setting, Common Criteria mode, is found in the System security category when you configure a Device restrictions template for the Android EnterpriseFully Managed, Dedicated, and Corporate-Owned Work Profile.

Devices that receive a policy with Common Criteria mode set to Require, elevated security components that include but are not limited to:

  • AES-GCM encryption of Bluetooth Long Term Keys
  • Wi-Fi configuration stores
  • Blocks bootloader download mode, the manual method for software updates
  • Mandates additional key zeroization on key deletion
  • Prevents non-authenticated Bluetooth connections
  • Requires that FOTA updates have 2048-bit RSA-PSS signature

Return of key functionality for Windows Autopilot sign-in and Deployment Experience

Starting with Intune service release 2207, MEM admins will be able to:

  • Pre-populate the Azure Active Directory (Azure AD) User Principal Name (UPN) under the pre-provisioning landing page and Azure AD sign-in page. Note: This is limited based on the manufacturer. Please contact your OEM to confirm if this functionality is enabled.
  • Automatically re-enroll a device through Autopilot for instances where the profile is set to self-deployment or pre-provisioning modes (public preview) without deleting the device record.
    Note: This is limited based on the manufacturer. Please contact your OEM to confirm if this functionality is enabled.
  • Automatically re-enroll devices where hardware components may have been replaced with Autopilot auto-remediation if the OS has not been reset.
Return of key functionality for Windows Autopilot sign-in and Deployment Experience - Credit Microsoft Intune Support Team
Return of key functionality for Windows Autopilot sign-in and Deployment Experience – Credit Microsoft Intune Support Team

Author

About Author – Jitesh, Microsoft MVP, has over five years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.