Not a user yet?
Log in Register for free Suggest a product
Update

New settings available in the Apple settings catalog

IntuneIntune
Microsoft
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

What's new in Microsoft Intune

Week of June 23, 2025 (Service release 2506)

App management
Add Enterprise App Catalog apps to ESP blocking apps list
Windows Autopilot now supports Enterprise App Catalog apps. Microsoft Intune Enterprise App Management enables IT admins to easily manage applications from the Enterprise App Catalog. Using Windows Autopilot, you can select apps from the Enterprise App Catalog as blocking apps in the Enrollment Status Page (ESP) and the Device Preparation Page (DPP) profiles. This allows you to ensure those apps are delivered before the user can access the desktop.

Microsoft Intune support for Apple AI screen capture control
Intune app protection policies now include a standalone setting to manage Apple AI screen capture. This setting is supported by apps that have updated to version 19.7.12 or later for Xcode 15, and 20.4.0 or later for Xcode 16 of the Intune App SDK and App Wrapping Tool. Currently, screen capture is blocked when the app protection policy Send Org data to other apps setting is configured to a value other than All apps.

Managed Home Screen orientation changes with Android 16
Starting with Android 16, Android stops enforcing screen orientation on devices with 600dp and larger display settings. This change impacts the Managed Home Screen (MHS) on devices with larger form factors, like tablets.

On these Android 16 devices, orientation is determined by the device’s orientation setting, not the MHS settings you configure.

To learn more about Android 16 changes, go to Behavior changes: Apps targeting Android 16 or higher (opens Android website).

Applies to:

  • Android Enterprise

Device configuration
New settings available in the Apple settings catalog
The Settings Catalog lists all the settings you can configure in a device policy, and all in one place. For more information about configuring settings catalog profiles in Intune, go to Create a policy using settings catalog.

There are new settings in the settings catalog. To see these settings, in the Microsoft Intune admin center, go to Devices > Manage devices > Configuration>Create>New policy>iOS/iPadOS or macOS for platform>Settings catalog for profile type.
iOS/iPadOS
Managed Settings:

  • Idle Reboot Allowed

macOS
Authentication > Extensible Single Sign On (SSO):

  • Allow Device Identifiers In Attestation

Microsoft Edge:

  • The Microsoft Edge category has been updated with hundreds of new settings. Learn more about available macOS Edge settings at Microsoft Edge - Policies.
    Apple deprecated the Identification payload in macOS 15.4.

New Block Bluetooth setting in the Android Enterprise settings catalog
The Settings Catalog lists all the settings you can configure in a device policy, and all in one place. For more information about configuring Settings Catalog profiles in Intune, see Create a policy using settings catalog.

There's a new Block Bluetooth setting (Devices>Manage devices> Configuration>Create>New policy>Android Enterprise for platform>Settings catalog for profile type). When set to True, Bluetooth is disabled on the device.

There's also a Block Bluetooth Configuration setting that prevents end users from changing the Bluetooth setting on the device.

These settings are different and have different results. Some examples include:

  • Scenario: An end user turned on the Bluetooth setting on their device. The admin creates an Intune policy that sets the Block Bluetooth setting to True.
    In this situation, Bluetooth is blocked on the device, even though the end user turned it on.
  • Scenario: An end user turned on the Bluetooth setting on their device. The admin creates an Intune policy that sets the Block Bluetooth Configuration setting to True.

In this situation, Bluetooth is turned on since the end user previously turned it on. The end user can't turn off Bluetooth. If the end user previously turned Bluetooth off, and then the Block Bluetooth Configuration policy applies, then Bluetooth is turned off and the end user can't turn it back on.

For a list of existing settings you can configure in the settings catalog, see Android Enterprise device settings list in the Intune settings catalog.

Device management
New reporting system for improved performance and data consistency
Microsoft Intune is rolling out the new Policy Reporting Service (PRS) V3. The new system brings faster report generation, improved reliability, and better data consistency.

In the first phase, some high-traffic compliance and device configuration reports are transitioning to the new system.

Users will notice quicker updates in the Intune admin center and fewer issues with stale data. No action is required from users, as your reports transition automatically.

Device security
New attributes and S/MIME baseline requirements for SCEP certificate profiles
Intune supports two new attributes for subject name settings in SCEP and PKCS device configuration profiles. They include:

  • G={{GivenName}}
  • SN={{SurName}}
    Beginning July 16th, you are required to use these attributes in the subject name format if you're using a third party public certificate authority (CA) integrated with the Intune SCEP API for issuing S\\MIME (encryption or signing) certificates anchored up to a public root CA. After that date, a public CA will not issue or sign S\\MIME certificates that omit these attributes.

Intune apps
Newly available protected apps for Intune
The following protected apps are now available for Microsoft Intune:

  • Datasite for Intune by Datasite (iOS)
  • Mijn InPlanning by Intus Workforce Solutions (iOS)
  • Nitro PDF Pro by Nitro Software, Inc. (iOS)
  • SMART TeamWorks by SMART Technologies ULC (iOS)

Monitor and troubleshoot
New status column in Windows hardware attestation report
We added a new column, Attest Status, to the Windows hardware attestation report to improve visibility into attestation errors. This column shows error messages received during the attestation process, helping you identify issues from both the service and client sides. Error types shown in this column include:

  • WinINet errors
  • HTTP bad request errors
  • Other attestation-related failures
Version: Service release 2506 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft Intune updates

More from the Cloud Services section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad