Showing posts with the label Intune

How to enable iOS unmanaged apps to read managed contacts & write unmanaged contacts without compromising security using Microsoft Intune

The contacts saved in Exchange is considered managed contacts. with iOS 12 onwards managed contacts are not visible from unmanaged Apps. As stated in Apple Article (  iOS 12, you can use MDM to make the following exceptions to this policy: Allow unmanaged apps to access managed contacts Allow managed apps to save contacts to the local Contacts app Microsoft Intune have introduced new feature, but it has pre-requisite to "Viewing corporate documents in unmanaged apps" to write contact to unmanaged app and "Viewing non-corporate documents in corporate apps" to read managed contacts in unmanaged app.  This can be security issue for many organisations. However, you can enable this without changing the parent policy by following trick! Go to iOS restriction settings in Intune, go to 'App Store, Doc Viewing, Gaming controls'. As highlighted above 'Allow managed apps to write contacts

SQL Query to get Mobile Device and Primary Users from Microsoft Configmgr

Following query will give you list of the mobile device managed by Intune and its user from Configmgr. SELECT        dbo.v_R_System.Name0, dbo.v_GS_DEVICE_COMPUTERSYSTEM.IMEI0, dbo.v_GS_DEVICE_COMPUTERSYSTEM.PhoneNumber0, dbo.v_GS_DEVICE_COMPUTERSYSTEM.DeviceManufacturer0,                           dbo.v_GS_DEVICE_COMPUTERSYSTEM.DeviceModel0, dbo.v_GS_DEVICE_COMPUTERSYSTEM.SerialNumber0, dbo.v_GS_DEVICE_COMPUTERSYSTEM.TimeStamp AS Expr1,                           dbo.v_GS_DEVICE_COMPUTERSYSTEM.FirmwareVersion0, dbo.v_GS_DEVICE_COMPUTERSYSTEM.SoftwareVersion0, dbo.v_R_User.Full_User_Name0, dbo.v_R_User.Name0 AS UserID,                           dbo.v_R_User.User_Principal_Name0 FROM            dbo.v_GS_DEVICE_COMPUTERSYSTEM RIGHT OUTER JOIN                          dbo.v_R_System INNER JOIN                          dbo.v_UsersPrimaryMachines INNER JOIN                          dbo.v_R_User ON dbo.v_UsersPrimaryMachines.UserResourceID = dbo.v_R_User.ResourceID ON dbo.v_R_Sys

Microsoft Intune Configuration Check List

Make most of Microsoft Intune Check list to make most of Microsoft Intune MDM and MAM features/ In this post, I have cover the Intune MDM and MAM features that can help enterprises to improve user experience and security. I have seen multiple MDM setups where its utilisation becomes limited to email profile deployment and password policies. I hope this checklist will help to enhance the capabilities and make most of the Microsoft Intune/EMS. Please note that this checklist might not complete due to fluid nature of the cloud services, I will keep adding link of the existing resources that might help you to kick start with design, deployment and Testing. I will keep revising this list on frequent basis, please review latest Microsoft Documentation for new Intune features.       ·         Identity o    Configure Azure AD & AD Connect : Required to provision users and assign licenses ·          Device and Application Management o    Intune Standalone vs Intune H