Every month there is a new service release of Intune with new features and bug fixes. With this blog I would like to start a new series and take a closer look at the new features in new Intune releases. The release that was released on Thursday was the 2209 and these new features I would like to take a closer look at.

New app types for Microsoft Endpoint Manager

Two new app types have been added to Intune: “iOS/iPadOS Web Clip” and “Windows Web Link“. This allows shortcuts to websites similar to “Web Link” to be distributed with intune Intune. The difference is that this does not apply platform wide and can be assigned via groups and filters… I’m going to show you how this works:

Group member count visible in assignments

This is a small change, but it can help a lot with the assigning of items. With this function you can see how many devices and users are in the selected group. This will give you a sense of whether you have selected the right or wrong group and how many devices this change will now affect.

Filter on the user scope or device scope in the Settings Catalog for Windows devices

This function is also an everyday helper that simplifies the search in the settings catalog. You now have the possibility to filter for settings for the user scope or device scope.

Device Firmware Configuration Interface (DFCI) now supports Acer devices

Intune now supports DFCI (Device Firmware Configuration Interface) for Acer devices. Starting in the fall of 2022, new acer devices will be enabled for DFCI. This will allow you to manage the BIOS via Intune.

Set up enrollment notifications (public preview)

To make sure that no one has stolen the identity and thus enrolled a device, Microsoft ootb has added a feature in preview where a user is notified via email or push notification when a new device has been enrolled in Intune. This opens many use cases to increase security but also to inform the user that his device is being enrolled. Of course, only user driven enrollment is supported here.

Assign compliance policies to the All devices group

Finally, compliance policies can be assigned not only to specific groups but to allDevices.

Access policies for Multiple Administrator Approval in public preview

Microsoft has included a new feature in the preview where multiple admin approval is required to deploy app deployments and scripts. This will include an access policy with a group of users who are authorized to approve. More details can be found in this KDB.

Automatically capture diagnostics

Last but not least, a feature that didn’t show up in the Release notes but is a huge improvement. This feature automatically uploads the logs in case of a failed device deployment. The logs can then be found in the Device Object under Device Diagnostic.