andrewamason/Intune
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Module Consolidation

Browse Source
This commit is contained in:
Andrew Amason
2025-05-19 15:02:55 -04:00
parent 81b2d05cda
commit ec2b22290a
141 changed files with 58449 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/MACOS/README.md Normal file
View File

@@ -0,0 +1,74 @@
# OpenIntuneBaseline - MacOS
<img src="https://raw.githubusercontent.com/ugurkocde/intunemacadmins/main/public/favicon.svg" width="100">
Developed in collaboration with [IntuneMacAdmins](https://www.intunemacadmins.com/)
## Intended Use-Case
The baseline has been designed and tested on the following scenario:
### Device:
* MacOS 14.6 or above on Apple Silicon
* Enrolled into Apple Business Manager
* ADE Deployment with the following configured:
* Management Settings:
* Enroll with User Affinity
* Setup Assistant with Modern Authentication
* Await Final Configuration -Yes
* Locked Configuration - Yes
* Setup Assistant:
* FileVault - Show
* Touch ID - Show
* M365 Apps deployed via VPP
### User:
* Cloud-Only or Hybrid Identity with Entra ID as IdP
* MFA configured via Conditional Access
### Licensing:
* M365 Business Premium or M365 E5/A5, or M365 E3/A3 + MDE P1/P2
<br>**OR**:
* Entra ID P1 or P2
* Office 365 E3/E5, A3/A5 or F3
* Intune P1
* Defender for Business or Endpoint P1/P2
> [!IMPORTANT]
> Successful application of the baseline outside of this configuration cannot be guaranteed.
---
## Importing the Baseline:
Please reference [Importing the Baseline](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/wiki#importing-the-baseline) for information.
### Post-Import Configuration
There are some settings that require manual configuration or creation post-import. These are detailed in [SETTINGSGUIDANCE](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/wiki/macos-settingsguidance).
---
## Baseline Security Posture
Primary information regarding adherence to security frameworks can be found in the main wiki [README](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/wiki#security-framework-adherence).
### Included Settings
* Entra Join and Authentication via Platform SSO Secure Enclave
* Core device security restrictions
* Device Encryption via FileVault
* Microsoft Edge (Split into multiple policies for easier management)
* Microsoft Office (Including OneDrive Known Folder Move)
* Microsoft Defender for Endpoint
* Update Configuration
All policies are Settings Catalog and will show in Devices>Configuration Profiles.
For a complete list of settings, please consult [SETTINGSOUTPUT](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/blob/main/MACOS/SETTINGSOUTPUT.md).
---
## Additional Information:
> [!TIP]
> Please visit [IntuneMacAdmins](https://www.intunemacadmins.com/) for additional information on MacOS management with Intune.
---
## [Change Log](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/blob/main/MACOS/CHANGELOG.md)