Microsoft has promised to add Linux support to its cloud-based remote device management service Intune from early 2022 -- starting with Ubuntu, with support also planned for Redhat, CentOS and Fedora -- as it beefs up capabilities across the MDM platform, which saw use grow hugely amid a wholesale shift to remote work.
The news -- which will let administrators bring remote device management capabilities like setting security controls etc. under one umbrella irrespective of OS -- comes as Microsoft also said it was also adding customisable compliance checks for Windows boxes using Intune; a move that will be welcomed by IT admins.
Follow The Stack on LinkedIn
Intune, part of Microsoft Endpoint Manager, lets IT administrators remotely control how an organisation’s devices (laptops, mobiles, tablets) are used, and configure specific policies to control applications. It can be used to set password and PIN requirements, create a VPN connection, set up threat protection, and more..
Microsoft is also now adding capabilities like the ability to set Wi-Fi profile and certificate policies (as well as the above) in a standard way across all cloud managed endpoints as it beefs up the widely used platform.
As part of that move IT administrators will now also be able to set Azure AD Conditional Access policies targeted at Linux devices, in the same way they do for other Windows, mobile and Mac endpoints, to ensure that only compliant Linux workstations get access to corporate resources such as Microsoft 365 apps.
Intune Linux support includes Azure AD access policies.
That move came as Microsoft Endpoint Manager's team said they were also adding custom compliance capabilities to the platform, which can current be used to check things like whether BitLocker and Windows Defender Firewall are enabled/check the risk score in Defender for Endpoint to determine security compliance.
The wholesale shift to remote work over the past two years has seen many demanding more sophiticated capabilities however and in a November 2 Microsoft Endpoint Manager blog, the company's Ileana Wu said IT admins would now be able to "write a PowerShell script to detect almost any setting, such as BIOS version, and report that back to Intune’s device compliance engine. You then can provide a JSON definition file for each custom compliance setting that includes remediation messages, which help your users know how to get compliant again.
"Similar customisable compliance check capabilities would be rolled out for Linux too in future, she added.