-->
Microsoft Azure For Macs & OS X The Rumor is out. Mac’s are the “go to” computer of choice for start-ups and many businesses these days, especially those in the San Francisco Bay Area. Macs and OS X provide a so many benefits to businesses, especially start ups and creatives. Among the affordability a. Although Azure does not provide in-cloud solutions for Mac build processes, you may be interested in the following resources. MacInCloud (macincloud.com) can do dedicated hosting but provides alternate pricing models for shared hardware. I have been trying the linux install instructions on macOS. It seems that most steps in CMake work, but the DepthEngine is Windows/Nix only. Would be amazing if you could release the DepthEngine for macOS. The rest should be achievable by the community / via Pull Request etc. A huge number of our community ( openFrameworks ) would make good use of macOS support.
For the macOS platform, you can install the Azure CLI with homebrew package manager. Homebrew makes it easy to keep yourinstallation of the CLI update to date. The CLI package has been tested on macOS versions 10.9 and later.
The current version of the Azure CLI is 2.18.0. For information about the latest release, see the release notes. To find your installed version and see if you need to update, run az version.
Install with Homebrew
While Microsoft doesn't have a desktop version of Visio for macOS, you can still work on Visio files on a Mac in your web browser. Visio for the web lets you view, create, and edit diagrams in the Safari or Chrome browser on your Mac. To get started, download and install the client on your macOS device. Subscribe to a feed. Subscribe to the feed your admin gave you to get the list of managed resources available to you on your macOS device. To subscribe to a feed: Select Add Workspace on the main page to connect to the service and retrieve your resources. Enter the Feed URL.
Homebrew is the easiest way to manage your CLI install. It provides convenient ways to install, update, and uninstall.If you don't have homebrew available on your system, install homebrew before continuing.
You can install the CLI by updating your brew repository information, and then running the install command:
Important
The Azure CLI has a dependency on the Homebrew python3 package, and will install it.The Azure CLI is guaranteed to be compatible with the latest version of python3published on Homebrew.
You can then run the Azure CLI with the az command. To sign in, use az login command.
Run the
logincommand.If the CLI can open your default browser, it will do so and load an Azure sign-in page.
Otherwise, open a browser page at https://aka.ms/devicelogin and enter theauthorization code displayed in your terminal.
If no web browser is available or the web browser fails to open, use device code flow with az login --use-device-code.
Sign in with your account credentials in the browser.
To learn more about different authentication methods, see Sign in with Azure CLI.
Troubleshooting
If you encounter a problem when installing the CLI through Homebrew, here are some common errors. If you experience a problem not covered here, file an issue on github.
Completion is not working
The Homebrew formula of Azure CLI installs a completion file named az in the Homebrew-managed completions directory (default location is /usr/local/etc/bash_completion.d/). To enable completion, please follow Homebrew's instructions here.
Unable to find Python or installed packages
There may be a minor version mismatch or other issue during homebrew installation. The CLI doesn't use a Python virtual environment, so it relies on findingthe installed Python version. A possible fix is to install and relink the python3 dependency from Homebrew.
CLI version 1.x is installed
If an out-of-date version was installed, it could be because of a stale homebrew cache. Follow the update instructions.
Proxy blocks connection
You may be unable to get resources from Homebrew unless you have correctly configured it touse your proxy. Follow the Homebrew proxy configuration instructions.
Important
If you are behind a proxy, HTTP_PROXY and HTTPS_PROXY must be set to connect to Azure services with the CLI.If you are not using basic auth, it's recommended to export these variables in your .bashrc file.Always follow your business' security policies and the requirements of your system administrator.
In order to get the bottle resources from Homebrew, your proxy needs to allow HTTPS connections tothe following addresses:
https://formulae.brew.shhttps://homebrew.bintray.com
Update
The CLI is regularly updated with bug fixes, improvements, new features, and preview functionality. A new release is available roughly everythree weeks.
The CLI provides an in-tool command to update to the latest version:
Note
The az upgrade command was added in version 2.11.0 and will not work with versions prior to 2.11.0.
This command will also update all installed extensions by default. For more az upgrade options, please refer to the command reference page.
You can also update your local Homebrew repository information and then upgrade the azure-cli package.
Uninstall
If you decide to uninstall the Azure CLI, we're sorry to see you go. Before you uninstall, use the az feedback command to let us knowwhat could be improved or fixed. Our goal is to make the Azure CLI bug-free and user-friendly. If you found a bug, we'd appreciate it if you file a GitHub issue.
Use homebrew to uninstall the azure-cli package.
Other installation methods
If you can't use homebrew to install the Azure CLI in your environment, it's possible to use the manual instructions for Linux. Note thatthis process is not officially maintained to be compatible with macOS. Using a package manager such as Homebrew is always recommended. Only use the manualinstallation method if you have no other option available.
For the manual installation instructions, see Install Azure CLI on Linux manually.
Next Steps
Now that you've installed the Azure CLI, take a short tour of its features and common commands.
-->Personal and organization-owned devices can be enrolled in Intune. On macOS devices, the Company Portal app or the Apple Setup Assistant authenticates users, and starts the enrollment. Once they're enrolled, they receive the policies and profiles you create.
You have the following options when enrolling macOS devices:
Note
Enrollment through Apple Configurator is available for iOS/iPadOS devices. It's not available for macOS devices. When you create a macOS enrollment profile, it appears that Apple Configurator is an option. This behavior is a known issue, and will be fixed in a future release (no ETA). Do not create a macOS enrollment profile with Apple Configurator. It doesn't work.
This article:
- Describes your Company Portal app options for each enrollment method.
- Provides recommendations on the macOS enrollment method to use.
- Includes an overview of the administrator and user tasks for each enrollment type.
For more specific information, see Enroll macOS devices.
Tip
This guide is a living thing. So, be sure to add or update existing tips and guidance you've found helpful.
Before you begin
For an overview, including any Intune-specific prerequisites, see Deployment guidance: Enroll devices in Microsoft Intune.
BYOD: Device enrollment
Use for personal or bring your own devices (BYOD). Not a traditional 'enrollment' method, as it uses an app configuration profile. This option manages apps on the device. Devices aren't enrolled.
| Feature | Use this enrollment option when |
|---|---|
| Devices are personal or BYOD. | ✔️ |
| Need to enroll a small number of devices, or a large number of devices (bulk enrollment). | ✔️ |
| You have new or existing devices. | ✔️ |
| Devices are associated with a single user. | ✔️ |
| You use the device enrollment manager (DEM) account. | ✔️ Be aware of impact and any limitations using DEM account. |
| Devices are managed by another MDM provider. | ❌ When a device enrolls, MDM providers install certificates and other files. These files must be removed. The quickest way may be to unenroll, or factory reset the devices. If you don't want to factory reset, then contact the MDM provider. |
| Devices are owned by the organization or school. | ❌ Not recommended for organization-owned devices. Organization-owned devices should be enrolled using Automated Device Enrollment or Apple Configurator. You can add the MacBook serial numbers to the corporate device identifiers to mark the devices as corporate. But, by default, devices are marked personal. |
| Devices are user-less, such as kiosk, dedicated, or shared. | ❌ These devices are organization-owned. User-less devices should be enrolled using Automated Device Enrollment or Apple Configurator. |
Device enrollment administrator tasks
This task list provides an overview.
Be sure your devices are supported.
Be sure the Apple MDM push certificate is added to Endpoint Manager, and is active. This certificate is required to enroll macOS devices. For more information, see Get an Apple MDM push certificate.
There isn't a Company Portal app for macOS devices in the Apple App Store, or through VPP. Users must manually download and run the Company Portal app installer package. They sign in with their organization account (
user@contoso.com), and then step through the enrollment. Once they enroll, they must approve the enrollment profile.When they approve, the device is added to your organization Azure AD. Then, it's available to Intune to receive your policies and profiles.
Be sure to communicate this information with your users.
Device enrollment end user tasks
Your users must do the following steps. For more specific information on the end user steps, see Enroll your macOS device using the Company Portal app.
- Download and run the Company Portal app installer package.
- Open the Company Portal app, and sign in with their organization account (
user@contoso.com). Once they sign in, they must approve the enrollment profile (System preferences). When users approve, the device is enrolled, and considered managed. If they don't approve, then they're not enrolled, and won't receive your policy and profiles.
For more specific information on the end user steps, see Enroll your macOS device using the Company Portal app.
Users typically don't like enrolling themselves, and may not be familiar with the Company Portal app. Be sure to provide guidance, including what information to enter. For some guidance on communicating with your users, see Planning guide: Task 5: Create a rollout plan.
Automated Device Enrollment (ADE) (supervised)
Previously called Apple Device Enrollment Program (DEP). Use on devices owned by your organization. This option configures settings using Apple Business Manager (ABM) or Apple School Manager (ASM). It enrolls a large number of devices, without you ever touching the devices. These devices are purchased from Apple, have your preconfigured settings, and can be shipped directly to users or schools. You create an enrollment profile in the Endpoint Manager admin center, and push this profile to the devices.
For more specific information on this enrollment type, see Automatically enroll macOS devices with the Apple Business Manager or Apple School Manager.
| Feature | Use this enrollment option when |
|---|---|
| Devices are owned by the organization or school. | ✔️ |
| You have new devices. | ✔️ |
| You have existing devices. | ✔️ To enroll existing devices, see Enroll your macOS device registered in ABM/ASM with Automated Device Enrollment after Setup Assistant . |
| Need to enroll a small number of devices, or a large number of devices (bulk enrollment). | ✔️ |
| Devices are associated with a single user. | ✔️ |
| Devices are user-less, such as kiosk or dedicated device. | ✔️ |
| Devices are personal or BYOD. | ❌ Not recommended. BYOD or personal devices should be enrolled using Device enrollment. |
| Devices are managed by another MDM provider. | ❌ To be fully managed by Intune, users must unenroll from the current MDM provider, and then enroll in Intune. Or, you can use Device enrollment to manage specifics apps on the device. Since these devices are organization-owned, it's recommended to enroll in Intune. |
| You use the device enrollment manager (DEM) account. | ❌ The DEM account isn't supported. |
ADE administrator tasks
This task list provides an overview. For more specific information, see Automatically enroll macOS devices with the Apple Business Manager or Apple School Manager.
Be sure your devices are supported.
Need access to the Apple Business Manager (ABM) portal, or the Apple School Manager (ASM) portal.
Be sure the Apple token (.p7m) is active. For more specific information, see Get an Apple ADE token.
Be sure the Apple MDM push certificate is added to Endpoint Manager, and is active. This certificate is required to enroll macOS devices. For more information, see Get an Apple MDM push certificate.
Decide how users will authenticate on their devices: the Company Portal app, or Setup Assistant. Make this decision before you create the enrollment profile. Using the Company Portal app is considered modern authentication. We recommended using the Company Portal app.
For all organization-owned macOS devices, Setup Assistant is always and automatically used, even if you don't see 'Setup Assistant' text in Endpoint Manager. Setup Assistant authenticates the user, and enrolls the device.
If you want to continue to use Setup Assistant for authentication, then you don't need the Company Portal app. If you want to use the Company Portal app for authentication, instead of using Setup Assistant, then you can. After the device is enrolled, you can install the Company Portal app.
To install the Company Portal app on devices, see add the Company Portal app. Set the Company Portal app as a required app.
Once installed, users open the Company Portal app, and sign in with their organization account (
user@contoso.com). When they sign-in, they're authenticated, and ready to receive your policies and profiles.In the Endpoint Manager admin center, create an enrollment profile. Choose to Enroll with user affinity (associate a user to the device), or Enroll without user affinity (user-less devices or shared devices).
Enroll with user affinity: Setup Assistant authenticates the user, and enrolls the device in Intune. Also choose if users can delete the management profile, called Locked enrollment.
Enroll without user affinity: Setup Assistant authenticates the user, and enrolls the user in Intune. Also choose if users can delete the management profile, called Locked enrollment. The Company Portal app isn't used, needed, or supported on enrollments without user affinity.
ADE end user tasks
These tasks depend on how administrators tell users to install the Company Portal app. Typically, the less end users must do to enroll, the higher chance they'll want to enroll.
For more specific information on the end user steps, see Enroll your macOS device using the Company Portal app.
Microsoft Azure For Macos X
Enroll with user affinity:
When the device is turned on, the Apple Setup Assistant runs. Users enter their Apple ID (
user@iCloud.comoruser@gmail.com).The Setup Assistant prompts the user for information, and enrolls the device in Intune. The device isn't registered in Azure AD.
If you're using Setup Assistant for authentication, then stop here.
Optional. If you're using the Company Portal app for authentication (instead of Setup Assistant), then the Company Portal app installs using the option you configured.
Users open the Company Portal app, and sign in with their organization credentials (
user@contoso.com). After they sign in, users are authenticated, and can access organization resources.Remember, installing the Company Portal app is optional. If you want your users to authenticate using Company Portal app, instead of using the Setup Assistant, then add the Company Portal app.
Enroll without user affinity: No actions. Be sure your users don't install the Company Portal app.
Microsoft Azure For Machine Learning
Users typically don't like enrolling themselves, and may not be familiar with the Company Portal app. Be sure to provide guidance, including what information to enter. For some guidance on communicating with your users, see Planning guide: Task 5: Create a rollout plan.
Microsoft Azure For Macos 7
Next steps