| Category | Microsoft Docs article | Related commit history on GitHub | Change details |
|---|---|---|---|
| admin | Create An Apns Certificate For Ios Devices | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/create-an-apns-certificate-for-ios-devices.md | -description: "To manage iOS devices such as iPads and iPhones in Basic Mobility and Security, begin by creating an APNs certificate." +description: "To manage iOS devices such as iPads and iPhones in Basic Mobility and Security, begin by creating an Apple Push Notification service (APNs) certificate." # Create an APNs certificate for iOS devices -To manage iOS devices such as iPads and iPhones in Basic Mobility and Security, create an APNs certificate. +To manage iOS devices like iPad and iPhones, you need to create an Apple Push Notification service (APNs) certificate. -1. Sign in to Microsoft 365 with your global admin account. +1. Sign in to Microsoft Azure with your global admin account. -1. Go to the [Microsoft 365 admin center](https://portal.office.com/adminportal/home?#/MifoDevices), and choose **APNs Certificate for iOS**. +1. Go to [Configure MDM Push Certificate](https://portal.azure.com/#view/Microsoft_Intune_Enrollment/APNSCertificateUploadBlade). -1. On the Apple Push Notification Certificate Settings page, choose **Next**. +1. Select **I agree** to authorize Microsoft to communicate with Apple. -1. Select Download your CSR file and save the certificate signing request to somewhere on your computer that you'll remember. Select **Next**. +1. Select **Download your CSR** and save the certificate signing request to a location on your computer that you'll remember. -1. On the Create an APNs certificate page: +1. Select **Create your MDM push certificate** to open the Apple Push Certificates Portal. - 1. Select Apple APNS Portal to open the Apple Push Certificates Portal. + a. Sign in with an Apple ID. + + > [!IMPORTANT] + > Use a company Apple ID associated with an email account that will remain with your organization even if the user who manages the account leaves. Save this ID because you'll need to use the same ID when it's time to renew the certificate. - 2. Sign in with an Apple ID. + b. Select **Create a Certificate** and accept the **Terms of Use**. + + c. Browse to the certificate signing request that you downloaded to your computer from Microsoft 365 and then select **Upload**. + + d. Download the APNs certificate created by the Apple Push Certificate Portal to your computer. + + > [!TIP] + > If you're having trouble downloading the certificate, refresh your browser. - > [!IMPORTANT] - > Use a company Apple ID associated with an email account that will remain with your organization even if the user who manages the account leaves. Save this ID because you'll need to use the same ID when it's time to renew the certificate. +1. Go back to Microsoft Azure and browse to the APNs certificate that you downloaded from the Apple Push Certificates Portal. - 3. Select **Create a Certificate** and accept the Terms of Use. +1. Select **Upload**. - 4. Browse to the certificate signing request you downloaded to your computer from Microsoft 365, and select **Upload**. -- Download the APNs certificate created by the Apple Push Certificate Portal to your computer. -- > [!TIP] - > If you're having trouble downloading the certificate, refresh your browser. --1. Go back to Microsoft 365, and select **Next** to get to the **Upload APNS certificate** page. --1. Browse to the APN certificate you downloaded from the Apple Push Certificates Portal. --1. Select **Finish**. --To complete setup, go back to the Security & Compliance Center \> **Security policies** \> **Device management** \> **Manage settings**. +To complete setup, go back to [Basic Mobility and Security](https://compliance.microsoft.com/basicmobilityandsecurity). |
| admin | Manage Enrolled Devices | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/manage-enrolled-devices.md | After you've set it up, the people in your organization must enroll their device To get to the device management panel, follow these steps: -1. Sign in to the Microsoft 365 admin center, and go to the [Mobile Device Management page](https://portal.office.com/adminportal/home?#/MifoDevices). +1. Sign in to the Microsoft 365 admin center, and go to the [Active Devices page](https://admin.microsoft.com/Adminportal/Home?#/IntuneDevices/?isMifo=true). 1. Select **Let's get started**. After you've got Basic Mobility and Security set up, here are some ways you can |To do this|Do this| |||-|Wipe a device|In the Device Management panel, select *device name*, then **Full wipe** to delete all information or **Selective wipe** to delete only organizational information on the device. For more info, see [Wipe a mobile device in Basic Mobility and Security](wipe-mobile-device.md).| +|Wipe a device|From the Active Device list, check the box next to **Device Name**, then **Factory reset** to delete all information or **Remove company data** to delete only organizational information on the device. For more info, see [Wipe a mobile device in Basic Mobility and Security](wipe-mobile-device.md).| |Block unsupported devices from accessing Exchange email using Exchange ActiveSync|In the Device Management panel, select **Block**.| |Set up device policies like password requirements and security settings|In the Device Management panel, select **Device security policies** > **Add +**. For more info, see [Create device security policies in Basic Mobility and Security](create-device-security-policies.md).| |View list of blocked devices|In the Device Management panel, under **Select a view** select **Blocked**.|-|Unblock noncompliant or unsupported device for a user or group of users|Pick one of the following to unblock devices:<br/>- Remove the user or users from the security group the policy has been applied to. Go to Microsoft 365 admin center > <a href="https://go.microsoft.com/fwlink/p/?linkid=2052855" target="_blank">**Groups**</a>, and then select group name. Select **Edit members and admins**.<br/>- Remove the security group the users are a member of from the device policy. Go to Security & Compliance Center > **Security policies** > **Device security policies**. Select device policy name, and then select **Edit** > **Deployment**.<br/>- Unblock all noncompliant devices for a device policy. Go to Security & Compliance Center > **Security policies** > **Device security policies**. Select device policy name and then select **Edit** > **Access requirements**. Select **Allow access and report violation**.<br/>- To unblock a noncompliant or unsupported device for a user or a group of users, go to Security & Compliance Center > **Security policies** > **Device management** > **Manage device access settings**. Add a security group with the members you want to exclude from being blocked access to Microsoft 365. For more info, see [Create, edit, or delete a security group in the Microsoft 365 admin center](../../admin/email/create-edit-or-delete-a-security-group.md).| +|Unblock noncompliant or unsupported device for a user or group of users|Pick one of the following to unblock devices:<br/>- Remove the user or users from the security group the policy has been applied to. Go to Microsoft 365 admin center > **<a href="https://go.microsoft.com/fwlink/p/?linkid=2052855" target="_blank">Groups</a>**, and then select group name. Select **Edit members and admins**.<br/>- Remove the security group the users are a member of from the device policy. Go to [Basic Mobility and Security ](https://compliance.microsoft.com/basicmobilityandsecurity)and select the **Policies** tab. Select device policy name, and then select **Edit** **Deployment**.<br/>- Unblock all noncompliant devices for a device policy. Go to [Basic Mobility and Security](https://compliance.microsoft.com/basicmobilityandsecurity) and select the **Policies** tab. Select device policy name and then select **Edit** > **Access requirements**. Select **Allow access**.<br/>- To unblock a noncompliant or unsupported device for a user or a group of users, go to [Basic Mobility and Security](https://compliance.microsoft.com/basicmobilityandsecurity) and select the **Organization Setting** tab. and select the **Security groups excluded from access control** section. Add a security group with the members you want to exclude from being blocked access to Microsoft 365. For more info, see [Create, edit, or delete a security group in the Microsoft 365 admin center](../../admin/email/create-edit-or-delete-a-security-group.md).| |Remove users so their devices are no longer managed by Basic Mobility and Security|To remove the user, edit the security group that has device management policies for Basic Mobility and Security. For more info, see [Create, edit, or delete a security group in the Microsoft 365 admin center](../../admin/email/create-edit-or-delete-a-security-group.md).<br/>To remove Basic Mobility and Security from all your Microsoft 365 users, see [Turn off Basic Mobility and Security](turn-off.md).| Live (v14) |
| admin | Wipe Mobile Device | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/wipe-mobile-device.md | Mobile devices can store sensitive organizational information and provide access ## Wipe a mobile device -1. Sign in to the Microsoft 365 admin center, and go to the [Mobile Device Management page](https://portal.office.com/adminportal/home?#/MifoDevices). +1. Sign in to the Microsoft 365 admin center, and go to the [Active devices](https://admin.microsoft.com/Adminportal/Home?#/IntuneDevices/?isMifo=true) page. 1. Select **Manage devices**. |
| archive | Archive Setup | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/archive/archive-setup.md | You must be a [SharePoint Administrator](/entra/identity/role-based-access-contr Once pay-as-you-go billing has been enabled for Microsoft Syntex on Microsoft 365 admin center, Microsoft 365 Archive can be enabled. -1. In the Microsoft 365 admin center, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2171997" target="_blank">**Setup**</a>, and then select **Use content AI with Microsoft Syntex**. +1. In the Microsoft 365 admin center, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2171997" target="_blank">**Setup**</a>, and then select **Automate content processes with Syntex**. -2. On the **Use content AI with Microsoft Syntex** page, select **Manage Microsoft Syntex**. +2. On the **Automate content processes with Syntex** page, select **Go to Syntex settings**. -3. On the **Manage Microsoft Syntex** page, select **Archive**. +3. On the Syntex page, in the left navigation, select **Storage**. From the list of products, select **Archive**. 4. On the **Archive** page, select **Turn on**, and on the confirmation pane, select **Confirm**. |
| backup | Backup Setup | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/backup/backup-setup.md | To turn on Microsoft 365 Backup, you'll need to go to the Microsoft 365 admin ce 2. Select **Setup**. -3. On the **Setup** page, in the **Files and content** section, select **Use content AI with Microsoft Syntex**. +3. On the **Setup** page, in the **Files and content** section, select **Automate content processes with Syntex**. -4. On the **Use content AI with Microsoft Syntex** page, select **Manage Microsoft Syntex**. +4. On the **Automate content processes with Syntex** page, select **Go to Syntex settings**. -5. From the list of products, select **Backup Preview**. +5. On the Syntex page, in the left navigation, select **Storage**. From the list of products, select **Backup Preview**. 6. By default, the feature is turned off. Select **Turn on** to enable Microsoft 365 Backup for your organization. |