KACE Cloud Mobile Device Manager
We are excited to announce our most recent update to KACE Cloud Mobile Device Manager!
In our September release, we’re introducing several helpful updates, including DEP authentication; additional support for Windows 10; and enhanced automation and visibility when validating SSO certificates.
During the DEP Enrollment process, KACE Cloud MDM now offers full account login, including SSO for DEP authentication. This option completely eliminates the need for token authentication on iOS 13 devices and mac 10.15 devices, or later.
As we continue to build out our Windows 10 support, we’re introducing support for deploying Microsoft 365 for Windows. With an active Microsoft 365 subscription and KACE Cloud MDM, an admin can assign licenses to end users, set up a vendor profile, link it to a policy, and distribute Microsoft 365 to devices.
We’ve also made updates across all SAML-based SSO identity providers, including an improvement to automated certificate validation; new thumbprint details that include dates and status; and enhanced troubleshooting sections for each SSO identity provider.
Apple DEP Web Authentication (Mac and iOS)
Full account authentication, including SSO, is now available during the DEP enrollment process. The option eliminates the need for generating authentication tokens for iOS 13+ and mac 10.15+ devices or newer. To enable this feature, in the DEP Profiles section, select the ‘Force DEP Authentication’ checkbox, then Save settings.
For more information on this topic, visit Apple DEP Enrollment Program in documentation.
SAML-based SSO Updates
We’ve made an important update to the certificate validation section on the SSO settings page. The ‘Validate signatures of identity provider requests/responses’ setting is now defaulted to selected, and certificates will be automatically checked and refreshed every 24 hours by KACE Cloud MDM. The details for validated certificates will appear in the new thumbprint section, along with date and status information. To ensure daily check and refresh, an admin only needs to select the ‘Refresh SAML … using Federated Metadata document’ checkbox located below the thumbprint section.
For additional information relating to this topic, please visit Single Sign-On in documentation.
Admins can now deploy Microsoft 365 to Windows devices using KACE Cloud MDM. The only pre-requisite is a Microsoft 365 subscription.
Before setting up in KACE Cloud MDM, admins should create a configuration file using the Office Customization Tool. The selections made in this file will determine what your Office 365 deployment looks like.
To set up your Microsoft 365 profile in KACE Cloud MDM, add your configuration file as a new Vendor Profile. (Note that Apple Profiles and Microsoft 365 profiles have now been combined into a single library called Vendor Profiles.) Once added, select the new vendor profile and link the profile to a policy for distribution to devices.
For convenience and consistency, we also recommend that you integrate Azure AD with KACE Cloud MDM. You’ll find additional documentation on this topic in our Help Center: Azure AD - SSO and Windows 10 Enrollment using Azure Domain Join.
Be sure to check out the KACE Cloud MDM Product Support page to find knowledge base articles, notifications, video tutorials, and a product user forum.