Howdy folks!
Device-based conditional access is one of the hottest features in Azure AD and is growing at a rapid pace. Today, I’m excited to announce the general availability of a set of capabilities for device- and app-based conditional access that many of you have been eagerly waiting for.
- Support for macOS device-based conditional access
- Application-based conditional access for limiting access to managed apps with in-app controls for iOS and Android
- The ‘Devices’ blade in Azure AD in Azure portal
macOS as platform for device-based conditional access
Now you can comprehensively secure access to Office 365 and other Azure AD-connected apps with new support for macOS conditional access. With macOS conditional access you have the ability to:
Wait for the company portal app to install if using Single App Mode in your iOS management profile, or install it yourself from the App Store. Congrats, you now have a Supervised iOS device with the old user data restored to it! I hope this helps any other iOS admins struggling with a change to supervised devices.
- Enroll and manage macOS devices using Intune
- Ensure macOS devices adhere to your organization’s compliance policies defined in Intune
- Restrict access to applications in Azure AD to only compliant macOS devices
What’s new in GA
Chrome as a supported browser: In public preview, we started with supporting only the Safari browser. With general availability, we’re extending support for device-based conditional access to Chrome on macOS.
Microsoft Teams: Microsoft Teams is now a supported application, in addition to the applications supported during the public preview of conditional access for macOS.
An improved Intune Company Portal: The Intune Company Portal on macOS has an updated experience, which has been optimized to cleanly display all the information and compliance notifications your users need for all the devices they have enrolled. And, once the Intune Company Portal has been deployed to a device, Microsoft AutoUpdate for macOS will provide updates to it.
You can download the new Intune Company Portal for macOS by logging into the Intune Company Portal website from a macOS device.
Note: Updating from the preview version of the Company Portal will not require users to re-enroll into Intune.
The following OS versions, applications, and browsers are supported on macOS for conditional access:
Operating Systems
- macOS 10.11+
Applications
- Microsoft Office 2016 for macOS v15.34 and later
- Microsoft Teams
Browsers
- Safari
- Chrome
Azure For Mac
Azure AD application-based conditional access for iOS and Android in the Azure portal
With today’s update, you can now restrict access to Office 365 and other Azure AD-connected cloud apps from approved client apps that support Intune App Protection policies using Azure AD app-based conditional access. Intune App Protection policies are used to configure and protect company data on these client applications.
You also get the flexibility to protect data for both personal and company devices by combining app-based conditional access policies with a device-based policy.
What’s in GA
The following conditions and controls are now available for use with app-based conditional access:
Supported platform condition
- iOS
- Android
Client apps condition
- Mobile apps as supported client apps
Access control
- Require approved client app
Learn how to set up a combined policy on Azure AD for Microsoft Exchange Online and Microsoft SharePoint Online.
‘Devices’ blade in Azure AD in Azure portal
With this last feature, you’re now able to find all your devices and device-related activities in one place: a new blade for management of device identities in the Azure portal. In this new blade, you can:
- View all your devices that are available for conditional access in Azure AD
- View properties, including your Hybrid Azure AD-joined devices
- Find BitLocker keys for your Azure AD-joined devices, manage your device with Intune and more
- Manage Azure AD device-related settings
Find the new ‘Devices’ option in the Azure portal under Azure Active Directory.
Azure Portal App For Mac Download
Try these features out today and let us know what you think! We look forward to hearing from you.
Best regards,
Alex Simons (Twitter: @Alex_A_Simons)
Director of Program Management
Microsoft Identity Division
Quick Links
-->Mac Os Azure
You can use the Publish tool to publish ASP.NET Core apps to Azure App Service.
Prerequisites
- Visual Studio 2019 for Mac installed with ASP.NET Core enabled.
- An Azure Subscription. If you do not already have a subscription, sign up for free, which includes $200 in credit for 30 days and 12 months of popular free services.
- An ASP.NET Core project. If you don’t already have a project, you can create a new one.
Publish to Azure App Service
Azure Portal App For Mac
In the Solution Pad, right-click the project and choose Publish.
If you have previously published this project to Azure App Service, you'll see the publish profile in the menu. Select that publish profile to start the publish process.
To publish this project to App Service for the first time, select Publish to Azure
The Publish to Azure App Service dialog appears, and any existing App Services are shown. To publish to an existing App Service, select the App Service in the list and then click Publish.
To create a new App Service, click the New button.
The New App Service dialog appears. In this dialog you can configure the settings for your new App Service.
There are a few options to consider customizing here. The name of the App Service will default to the project name. If the name is not available a warning sign will appear on the right hand side of the input field. The name of the App Service will be used in the URL of your website, so the name must be valid to be used in a URL.
You can change the subscription that the App Service will be associated with using the Subscription dropdown.
You can select an existing Resource Group using the dropdown or you can create a new one with the + button.
For the App Service plan, select an existing one, or create a new one by selecting the Custom radio button.
To create your new App Service, and publish your project to it, click Create.
After clicking Create the New App Service dialog will be dismissed, and you should see the following message indicating that creating the App Service has started.
After clicking OK the message is dismissed, and you can continue working on your project. You can watch the status of the publish process with the status bar at the top of the IDE. Once your web app is successfully published, the site is opened with your default browser.