Managing Apple Mac, iPhone and iPad with Microsoft Intune and Microsoft 365

Blue Arc manages Apple Mac, iPhone and iPad fleets centrally through Microsoft Intune and Microsoft 365, using Apple Business Manager for zero-touch enrolment and advanced features like Platform SSO for passwordless sign-in. We do this for Australian businesses running full Apple environments and mixed Windows and Apple fleets alike.

Apple and Microsoft 365, managed as one

Microsoft Intune is the device management service inside Microsoft 365. It manages macOS, iOS and iPadOS from the same console as Windows, so identity, security and policy stay consistent across a mixed fleet. Company-owned devices enrol with zero touch through Apple Business Manager and configure themselves on first boot; personal devices can enrol through user enrolment. From there we apply compliance policies, Conditional Access, FileVault disk encryption and app deployment through Apps and Books.

Platform SSO: passwordless sign-in to the Mac

Platform SSO lets a Mac sign in with the user's Microsoft Entra ID account and, using the Mac's Secure Enclave and Touch ID, go passwordless with phishing-resistant credentials, much like Windows Hello for Business on a PC. It is deployed through Intune, and registration can now happen during Setup Assistant so a new Mac reaches the desktop already signed in and compliant. See how Platform SSO works with Intune and Entra ID.

Apple Business Manager and modern management

Apple Business Manager handles device assignment, app licensing through Apps and Books, and Managed Apple Accounts that can be federated with Microsoft Entra ID. We also use modern capabilities such as declarative device management and managed software updates to keep macOS and iOS current and secure without hands-on effort.

Full or hybrid Apple adoption

We have brought Apple devices into organisations both as full-Apple environments and as hybrid Windows and Apple fleets, across multiple clients. The identity, security and Conditional Access model is the same either way, so staff get a consistent experience and IT keeps one set of controls.

The right Microsoft 365 plan

For organisations of 300 staff or fewer, Microsoft 365 Business Premium is our recommended plan: it includes Microsoft Intune and Microsoft Entra ID P1, which cover Apple device management, Conditional Access and Platform SSO. Above 300 users you move to enterprise licensing. See whether Business Premium is enough to manage Macs and iPhones.

Why Blue Arc

We have supported Australian businesses since 2004. Clients complete a short survey after every job: we currently sit at 96% for response speed, 94% for resolution speed and 97% for overall satisfaction. We are Canberra headquartered with staff also in Sydney, Melbourne, Albury-Wodonga and Adelaide, and we deliver device management nationally.

See our managed services or talk to us.

Frequently asked questions

Can Microsoft Intune manage Macs and iPhones, not just Windows?

Yes. Microsoft Intune manages macOS, iOS and iPadOS alongside Windows from the same console. Microsoft 365 Business Premium includes full Intune capabilities for Apple devices.

Do we need Apple Business Manager to manage Apple devices with Intune?

For zero-touch enrolment of company-owned devices, yes. Apple Business Manager links your device purchases to Intune so Macs, iPhones and iPads configure themselves on first boot. Personal devices can enrol without it.

Can we run a mix of Windows and Apple devices?

Yes. We manage full-Apple environments and hybrid Windows and Apple fleets, applying consistent identity, security and Conditional Access policy across both from Microsoft 365.