The 2010 Service Release has since a number of updates as shown below;
| Section | Item | Link | |
| App Management | Apps that require enrollment are hidden when enrollment is set to unavailable | Link | |
| Improvements to iOS Company Portal privacy message customization | Link | ||
| Android app protection policies (MAM) on COPE devices | Link | ||
| Max Company Portal version age for Android devices | Link | ||
| Mac LOB apps will be supported as managed apps on macOS 11 and higher | Link | ||
| Enable Outlook S/MIME emails to be always signed or encrypted | Link | ||
| Device Configuration | Use the Connect Automatically setting on Android Enterprise basic Wi-Fi profiles | Link | |
| New user experience and new Enable direct download setting on macOS devices using associated domains | Link | ||
| New lockout password settings on macOS devices | Link | ||
| Required password type default setting is changing on Android Enterprise devices | Link | ||
| Device enrollment | Intune support for provisioning Azure Active Directory shared devices | Link | |
| Device Security | App protection policy support on Android and iOS/iPadOS for additional partners | Link | |
| Endpoint Manager Security tasks include details about misconfigured settings from Microsoft Defender ATP TVM | Link | ||
| Endpoint security Firewall policies for tenant attached devices | Link | ||
| Expanded settings to manage hardware device installation through block and allow lists | Link | ||
| Improvements to endpoint security Firewall rules | Link | ||
| Use Microsoft Defender for Endpoint in compliance policies for iOS | Link | ||
| Security Experience profiles for Endpoint Security Antivirus policy now have tri-state options | Link | ||
| Updated version of the Edge security baseline | Link | ||
| Monitor and troubleshoot | New Windows 10 feature update failures report | Link | |
| Updates to Antivirus reports | Link | ||
| Updated Help and Support for Microsoft Endpoint Manager | Link | ||
| Scripts | Collect custom device or user properties using shell scripts on managed Macs | Link |
But what I wanted to pick up on is the new PowerShell elements within this service release as its something I regular do within my own Windows 10 deployments.
These are really cool additions.
View PowerShell scripts in the Intune Troubleshooting pane
You can now view your assigned PowerShell scripts in the Troubleshooting pane. PowerShell scripts provide Windows 10 client communication with Intune to run enterprise management tasks, such as advanced device configuration and troubleshooting. For more information, see Use PowerShell scripts on Windows 10 devices in Intune.
Win32 app support for Workplace join (WPJ) devices
Existing Win32 apps are supported for Workplace join (WPJ) devices. PowerShell scripts, which are not officially supported on WPJ devices, can be deployed to WPJ devices. Specifically, device context PowerShell scripts work on WPJ devices, but user context PowerShell scripts are ignored by design. User context scripts will be ignored on WPJ devices and will not be reported to the Microsoft Endpoint Manager console. For more information about PowerShell, see Use PowerShell scripts on Windows 10 devices in Intune.
Regards,
The Author – Blogabout.Cloud