Microsoft Intune is a mobile device management tool that supports a variety of operating systems. Obviously, Intune supports the popular operating system Mac OSX. Since November 2015, companies that use standalone version, it’s possible to install the Intune client on MAC OSX devices. With the latest release of SCCM 1602, hybrid environment can enrol MAC OSX.
The Microsoft Intune client allows the deployment of policies, SCEP certificates, VPN and WiFi profiles. It’s also a new way to inventory your MAC. Before enrolling a Mac OSX in Intune, a compliance policy must be configured to apply a minimum of security control. This post will explain how to set up a SCCM Mac Compliance Policy for Microsoft Intune client.
MAC OS X Pre-Requisite
Once, Microsoft Intune is configured, we will check if SCCM is configured to support MAC OSX:
- From the SCCM console, navigate to Administration / Cloud Services / Microsoft Intune Subscriptions
- Right click on Microsoft Intune Subscription
- Select Configuration Platforms and iOS and Mac OS X (MDM)
- In the APNs Certificate tab, make sure Enable iOS and Mac OS X (MDM) enrollment is selected
Configure SCCM Mac Compliance Policy
- To create a compliance policy in SCCM, open the SCCM console and navigate to Assets and Compliance / Compliance Settings / Compliance Policies
- Right click on Compliance Policies and select Create Compliance Policy
- In the General tab of the Create Compliance Policy Wizard, enter the Name of the desired policy
- Select Compliance rules for devices managed without the Configuration Manager client and choose iOS
- Click Next
- At the Supported Platforms tab, select Mac OS X
- Make sure All Mac OS X MDM Clients is selected and click Next
- In the Rules tab, configure rules accordingly the level of safety and productivity sought by your business
- Click on New to add a new rule, when it’s completed, click Next
- In the Summary tab, confirm the compliance policy setting details and click Next
- SCCM Mac compliance policy completed, click Close
Deploy the Compliance Policy for Microsoft Intune Client
To deploy the compliance policy for all users that enroll MacOS:
- Open the SCCM console and navigate to Assets and Compliance / Compliance Settings / Compliance Policies
- Right click on the new compliance policy created for Mac OSX and select Deploy
- In the Deploy Compliance Policy window, click on Browse and select your Intune subscription collection. In our case, it’s All Intune Users
- Specify the compliance evaluation schedule for this compliance policy
You are now ready to install the Microsoft Intune Client on your MAC OSX devices.
Founder of System Center Dudes. Nick has been awarded in 2016 as a Microsoft MVP in Enterprise Mobility category.
Working as a senior SCCM and Intune advisor as well as a specialist Microsoft Cloud solutions specialist.