There is a new Apple Enrollment admin experience along with some new features. This was announced at the What’s new in Microsoft Intune Week of February 19, 2018 https://docs.microsoft.com/en-us/intune/whats-new it is stated that this new Apple Enrollment features only are enabled in new created tenants and will be there for the rest of us this feature is being rolled out through April.

What is new in the  Apple Enrollment?

You can find the new features in:

1. Device enrollement
2. Apple enrollment
3. Apple MDM Push certificate

In the Apple MDM Push certificate there is no news:

The same applies for the Apple Configurator settings – the only news here is a design facelift

All the real news is in the Enrollment program tokens, also known as Apple DEP program

Intune now supports enrolling devices from up to 100 different Apple Device Enrollment Program (DEP) or Apple School Manager accounts. Each token uploaded can be managed separately for enrollment profiles and devices. A different enrollment profile can be automatically assigned per DEP/School Manager token uploaded. If multiple School Manager tokens are uploaded, only one can be shared with Microsoft School Data Sync at a time.

The first change is:

1. Click Enrollment program tokens
2. Select the DEP token where you what to make the changes – settings and features is per DEP token

Under profiles you can now set Default Profile

This is the same feature that was in the Silverlight Portal of Intune before Microsoft migrated the feature to Azure Portal.

Select Set Default Profile

Now you can select the DEP profile you want to set as default when new devices is synced to Intune from Apple’s DEP program.

The second change is:

When using User Affinity you can change from authenticate with Apple Setup Assistant to authenticate with Company Portal – when you do this then, Intune will skips user authentication in IOS Setup Assistant and you are enabled modern authenticate, this means that the end user can use Azure Active Directory multi-factor authentication when can be enforced without blocking Apple DEP enrollment methods.

Happy testing and deployment 🙂