Hi,
I am currently working on setting up intune as our MDM solution for both our iOS and Android devices and would like to get some help / clarification on the setup and configuration of intune. I know that there is a lot more than just MDM for intune however this is what we are going with at the moment. Licensing wise, all our users are on M365 E3, so using intune is kinda a no brainer since its part of the package :)
The MDM model we are going with is COPE. The design is quite straightforward
Enroll intune to iOS and Android devices
Manage devices via Compliance and Configuration policies
Ensure iOS devices are kept up-to-date via Update policies for iOS/iPadOS
Manage apps via App protection policies and App configuration policies
My questions are as below:
Group assignments for device policies - do you target the user group or device group? currently i have both the user and device group targeted
Group assignments for app policies - do you target the user group or device group? currently i have both the user and device group targeted
App configuration policies - some apps like M$ Authenticator and OneDrive have very different type of configuration options available if compared to outlook for example. Authenticator uses a configuration key while OneDrive uses a Name and Value configuration setting which i have no clue what to enter
App updates - how are managed iOS apps updated? is it automatic?
The current enrollment is targeted to only company-owned devices however we may look at a BYOD model for user who don't own a company-owned device. What do i need to do to achieve this?
These are the items i need help clarifying for now but will definitely post more once i hit a road block
Thanks again for your time and i hope to hear from anyone soon
Kind Regards :)


