You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: memdocs/intune/fundamentals/deployment-guide-enrollment-windows.md
+5-4Lines changed: 5 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,7 +7,7 @@ keywords:
7
7
author: MandiOhlinger
8
8
ms.author: mandia
9
9
manager: dougeby
10
-
ms.date: 03/07/2022
10
+
ms.date: 03/10/2022
11
11
ms.topic: conceptual
12
12
ms.service: microsoft-intune
13
13
ms.subservice: enrollment
@@ -64,7 +64,8 @@ You can also use this enrollment method to automatically bulk enroll devices wit
64
64
| Feature | Use this enrollment option when |
65
65
| --- | --- |
66
66
| You have Azure AD Premium | ✔️ |
67
-
| You'll use Conditional Access (CA) on devices enrolled using [bulk enrollment](../enrollment/windows-bulk-enroll.md). | ✔️ On Windows 11 and Windows 10 1803+, CA is available for Windows devices enrolled using bulk enrollment. <br/><br/> ❌ On Windows 10 1709 and older, CA isn't available for Windows devices enrolled using bulk enrollment. |
67
+
| You'll use Conditional Access (CA) on devices enrolled using [bulk enrollment](../enrollment/windows-bulk-enroll.md) with a provisioning package. | ✔️ On Windows 11 and Windows 10 1803+, CA is available for Windows devices enrolled using bulk enrollment. <br/><br/> ❌ On Windows 10 1709 and older, CA isn't available for Windows devices enrolled using bulk enrollment. |
68
+
| You have remote workers. | ✔️ |
68
69
| Devices are personal or BYOD. | ✔️ |
69
70
| Devices are owned by the organization or school. | ✔️ |
70
71
| You have new or existing devices. | ✔️ |
@@ -161,7 +162,7 @@ For more information on Windows Autopilot, see [Windows Autopilot overview](../.
161
162
| --- | --- |
162
163
| You purchase devices from an [OEM that supports the Windows Autopilot deployment service](https://aka.ms/windowsautopilot), or from resellers or distributors that are in the [Cloud Solution Partners (CSP)](https://partner.microsoft.com/membership/cloud-solution-provider) program. | ✔️ |
163
164
| Devices are hybrid Azure AD joined. | ✔️ <br/><br/> Hybrid Azure AD joined devices are joined to your on-premises Active Directory, and registered with your Azure AD. Devices in Azure AD are available to Intune. Devices that aren't registered in Azure AD aren't available to Intune. <br/><br/>A full Azure AD joined solution might be better for your organization. For more information, see the [Success with remote Windows Autopilot and hybrid Azure Active Directory join](https://techcommunity.microsoft.com/t5/intune-customer-success/success-with-remote-windows-autopilot-and-hybrid-azure-active/ba-p/2749353) blog.|
164
-
| You have remote workers, and want to send devices directly to these users.| ✔️ |
165
+
| You have remote workers. | ✔️ <br/><br/> The OEM or partner can send devices directly to your users.|
165
166
| Devices are owned by the organization or school. | ✔️ |
166
167
| You have new or existing devices. | ✔️ <br/><br/> You can update existing desktops running older Windows versions, such as Windows 7, to Windows 10. This option also uses Microsoft Endpoint Configuration Manager. |
167
168
| Need to enroll a small number of devices, or a large number of devices (bulk enrollment). | ✔️ |
@@ -240,7 +241,7 @@ With User enrollment, you can "register" the devices with Azure AD or "join" the
240
241
| --- | --- |
241
242
| Devices are hybrid Azure AD joined. | ✔️ <br/><br/> Hybrid Azure AD joined devices are joined to your on-premises Active Directory, and registered with your Azure AD. Devices in Azure AD are available to Intune. Devices that aren't registered in Azure AD aren't available to Intune. <br/><br/>A full Azure AD joined solution might be better for your organization. For more information, see the [Success with remote Windows Autopilot and hybrid Azure Active Directory join](https://techcommunity.microsoft.com/t5/intune-customer-success/success-with-remote-windows-autopilot-and-hybrid-azure-active/ba-p/2749353) blog. |
242
243
| You have Azure AD Premium. |❌ Azure AD Premium isn't required.<br/><br/> ✔️ If the devices join Azure AD, then they can use Azure AD Premium features, such as conditional access. |
243
-
| You have remote or hybrid workers. | ✔️ <br/><br/> Users should know that their personal devices might be managed by the organization IT. |
244
+
| You have remote workers. | ✔️ <br/><br/> Users should know that their personal devices might be managed by the organization IT. |
244
245
| Devices are personal or BYOD. | ✔️ |
245
246
| Devices are owned by the organization or school. | ✔️ <br/><br/> You can use User enrollment, but it's recommended to use [Windows Autopilot](#windows-autopilot) (in this article) or [Windows Automatic enrollment](#windows-automatic-enrollment) (in this article). They require fewer steps for your users. |
Copy file name to clipboardExpand all lines: memdocs/intune/includes/intune-notices.md
-12Lines changed: 0 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -159,18 +159,6 @@ This change will affect you only if you currently manage, or plan to manage, mac
159
159
160
160
Check your Intune reporting to see what devices or users might be affected. Go to **Devices** > **All devices** and filter by macOS. You can add more columns to help identify who in your organization has devices running macOS 10.14 or earlier. Ask your users to upgrade their devices to a supported OS version before the release of macOS 12.
161
161
162
-
### Update your iOS Company Portal minimum version to v4.16.0<!-- 9964998 -->
163
-
We recently released an updated Company Portal for iOS to the Apple Store, which is a required app update. The minimum supported version of the iOS Company Portal is now v4.16.0.
164
-
165
-
#### How does this affect you or your users?
166
-
Most users have app updates set to automatic, so they receive the updated Company Portal app without taking any action. Users who have an earlier app version will be prompted to update to the latest Company Portal app.
167
-
168
-
#### How can you prepare?
169
-
170
-
If you've enabled the [Block installing apps using App Store](../configuration/device-restrictions-ios.md#settings-apply-to-automated-device-enrollment-supervised) device restriction setting, you'll likely need to push an update to the related devices.
171
-
172
-
Otherwise, no action is needed. But if you have a helpdesk, you might want to make it aware of the prompt to update the Company Portal app.
173
-
174
162
### Plan for change: Intune is ending support for standalone client apps on Microsoft Tunnel<!-- 9370486 -->
175
163
176
164
Beginning on June 14, 2021, the Microsoft Defender for Endpoint app on Android supports Microsoft Tunnel functionality and is the official tunnel client app for Android Enterprise customers. With the release of Microsoft Defender for Endpoint as the Microsoft Tunnel client app, the standalone Microsoft Tunnel app for Android is deprecated. Support will end after January 31, 2022. When support ends, the standalone tunnel app will be removed from the Google Play store.
Copy file name to clipboardExpand all lines: windows-365/enterprise/requirements-network.md
+7-2Lines changed: 7 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,7 +7,7 @@ keywords:
7
7
author: ErikjeMS
8
8
ms.author: erikje
9
9
manager: dougeby
10
-
ms.date: 02/08/2022
10
+
ms.date: 03/10/2022
11
11
ms.topic: overview
12
12
ms.service: cloudpc
13
13
ms.subservice:
@@ -71,6 +71,11 @@ You must allow traffic in your Azure network configuration to the following serv
71
71
- cpcsacnrysa1prodpreu01.blob.core.windows.net
72
72
- cpcsacnrysa1prodpreu02.blob.core.windows.net
73
73
- cpcsacnrysa1prodprna01.blob.core.windows.net
74
+
- cpcstcnryprodprap01.blob.core.windows.net
75
+
- cpcstcnryprodprau01.blob.core.windows.net
76
+
- cpcstcnryprodpreu01.blob.core.windows.net
77
+
- cpcstcnryprodprna01.blob.core.windows.net
78
+
- cpcstcnryprodprna02.blob.core.windows.net
74
79
- cpcstprovprodpreu01.blob.core.windows.net
75
80
- cpcstprovprodpreu02.blob.core.windows.net
76
81
- cpcstprovprodprna01.blob.core.windows.net
@@ -100,7 +105,7 @@ All endpoints connect over port 443.
100
105
101
106
### Remote Desktop Protocol (RDP) broker service endpoints
102
107
103
-
Azure Virtual Desktop RDP broker service endpoints are critical to Cloud PC performance. These endpoints affect both connectivity and latency. To align with the [Microsoft 365 network connectivity principles](/microsoft-365/enterprise/microsoft-365-network-connectivity-principles?view=o365-worldwide#new-office-365-endpoint-categories), you should categorize these endpoints as **Optimize** endpoints.
108
+
Azure Virtual Desktop RDP broker service endpoints are critical to Cloud PC performance. These endpoints affect both connectivity and latency. To align with the [Microsoft 365 network connectivity principles](/microsoft-365/enterprise/microsoft-365-network-connectivity-principles#new-office-365-endpoint-categories), you should categorize these endpoints as **Optimize** endpoints.
104
109
105
110
To make it easier to configure network security controls, use Azure Virtual Desktop service tags to identity those endpoints for direct routing using an [Azure Networking User Defined Route (UDR)](/azure/virtual-network/virtual-networks-udr-overview). A UDR will result in direct routing between your virtual network and the RDP broker for lowest latency. For more information about Azure Service Tags, see (Azure service tags overview)[/azure/virtual-desktop/network-connectivity].
0 commit comments