Microsoft Intune to require iOS 16 and macOS 13

Microsoft has recently announced that later in 2024, Microsoft Intune will move to support only iOS and iPadOS devices on version 16 or higher and also macOS devices on version 13 or higher.

These changes coincide with the release of the latest operating systems for each device, iOS18 for mobile devices and macOS 15 (sequoia) for workstations.

Generally speaking, the supported version of iOS and macOS with Microsoft Intune closely relates to whether Apple still supports that OS. Like the devices, Apple also generally provides support for up to 5 years after the release of said device. 

While taking a look at the supported model’s page for iOS, you can see that iOS 15.5 can only be installed on iPhone models 6 and up, iOS 16 will push this requirement up to iPhone 8. So not only will this change require an update for some, but it may force a replacement device for others.

For reference, view message center notifications: MC803005 & MC803004.

The impact of this change is slightly different for iOS and macOS. For iOS, devices that do not meet the minimum requirements after this change will likely no longer check into Intune and be managed, whereas macOS devices running version 12 will stay enrolled, but new devices will be unable to enrol.

How do I prepare for this change?

It is important to closely assess your environment to highlight and take action on any devices that may be impacted. The first method is to use the Intune admin portal to highlight a list of devices on a soon-to-be unsupported operating system. Follow the steps below:

  1. Login to intune.microsoft.com
  2. Select Devices > iOS/iPadOS
  3. Sort the OS version column from lowest to highest
impacted iOS devices
impacted iOS devices

Once you have highlighted a list of impacted mobile devices, do the same for the list of macOS devices.

Alternatively, you can use Microsoft Graph PowerShell to obtain a list of only devices which will be impacted by this change. For this, you will need to install the beta version of Microsoft Graph PowerShell. You will also need a global administrator account to consent to the required permissions.

Get-MgBetaDeviceManagementManagedDevice -Filter”(((deviceType eq ‘iPad’) or (deviceType eq ‘iPhone’) or (deviceType eq ‘iPod’))) and OSversion lt ’16′”
 
or
 
Get-MgBetaDeviceManagementManagedDevice -Filter “(((deviceType eq ‘macMDM’) or (deviceType eq ‘mac’))) and OSversion lt ’13′”
#connect to microsoft graph
Connect-MgGraph -Scopes DeviceManagementManagedDevices.Read.All

#get all impacted iOS devices
Get-MgBetaDeviceManagementManagedDevice -Filter "(((deviceType eq 'iPad') or (deviceType eq 'iPhone') or (deviceType eq 'iPod'))) and OSversion lt '16'" 

#get all impacted macos devices
Get-MgBetaDeviceManagementManagedDevice -Filter "(((deviceType eq 'macMDM') or (deviceType eq 'mac'))) and OSversion lt '13'" 

You can then use this information to take any necessary actions to avoid further interruption of services for your end users.

Daniel Bradley

My name is Daniel Bradley and I work with Microsoft 365 and Azure as an Engineer and Consultant. I enjoy writing technical content for you and engaging with the community. All opinions are my own.

Leave a Reply