Like every year the Ignite of Microsoft takes place. This is an event where Microsoft presents news in their products but also general strategic topics on which they will work within the next few months. This year the ignite was a hybrid event both as live stream and on site in Seattle. In this blog I would like to briefly summarize what was presented in relation to Mem (whether this name is still the right one?). You can find a detailed summery under this link.
Renaming of Microsoft Endpoint Manager to Mem
Yes, you heard right Microsoft Endpoint Manger is no longer called mem but Intune. With this renaming Microsoft bundles all Unified Endpoint Management products under one brand. MEMCM (Microsoft Endpoint Manager Configuration Manager) is now part of Intune and it’s called Microsoft Configuration Manager
New Premium Features
New premium features will be added that require extra licensing, like the Intune Remote Help. The initial launch of this feature was March 2023 but there was an announcement for improvements. For example, the ServiceNow integration, that bring in service management incident information into Intune. There will also be better messaging to easily view reasons for device noncompliance, and the ability for the IT Helpdesk worker to hear audio from the person receiving remote assistance. Additionally, to this Remote Help will also support Android.
Microsoft Intune Endpoint Privilege Management
Users are always standard user and need no permanent local admin permissions and can elevate the privileges in the context of an app when this is needed based on an Intune policy.
As you can see from my blogs I am a big fan of analytics and the analysis of data with the help of artificial intelligence. This is exactly the direction Microsoft is going out of the box and showing you recommendations and anomalies. Looking forward for this feature!
A long-awaited feature is now becoming reality its Cloud LAPS. This is a feature to rotate the Local Admin Password and only give the password to a user when it is really needed. And yes, it is not a premium feature.
Update Policies for Mac
There is now a new Config Profile that allows you to manage updates on macOS devices.
Intune added the support for Compliance Policies for Linux to also consider this device based on the compliance in Conditional Access. I am sure that there will came a lot of other features in the near future to manage Linux devices with Intune.
Custom notifications for Windows 11 machines
Once again, Microsoft introduces an extremely helpful feature that takes communication with the end user to a whole new level. It is possible to create notifications via Intune that pop up on Windows 11 devices after enrolment or on demand.
This feature was already introduced in the new service release updates from Microsoft, but it was highlighted again in Ignite. Here a user can be informed if a new device was set up with his UserId.
GA for Windows Hello for Business Cloud Trust
Windows Hello for Business Cloud Trust is an hybrid cloud Kerberos trust, that enables a passwordless sign-in experience. With this the deployment of Windows Hello for Business is much easier to deploy than the existing key trust and certificate trust deployment models by removing the need for maintaining complicated public key infrastructure (PKI) and Azure Active Directory (Azure AD) Connect synchronization wait times.