@Mastering M365, for your questions, here are my answers for your reference:
Q1: Microsoft documentation for Shared iPad lists federation as 'required'. What is not clear is whether Azure AD federation is a mandatory requirement for Shared iPad deployment. Can this be configured without federation such that only a guest user 'temporary session' is allowed to log in?
A1: For the AAD federation, I think it means if we need users to sign in using their AAD username and password, then the AAD federation is required. In iPadOS 13.4 or later, users are allowed to sign in with a Guest account. We can see more details in the following link:
https://learn.microsoft.com/en-us/mem/intune/enrollment/device-enrollment-shared-ipad#configure-temporary-sessions-on-shared-ipads
Q2: Is there any reason, by design, why VPP apps are not available in policy sets? Is it because the apps from VPP are not being deployed from Intune and instead come from ABM?
A2: For VPP, the app is purchased using ABM or ASM, then it can sync to Intune to deploy.
https://learn.microsoft.com/en-us/mem/intune/apps/vpp-apps-ios
Currently, only the following app types are supported by policy sets:
- iOS/iPadOS store app
- iOS/iPadOS line-of-business app
- Managed iOS/iPadOS line-of-business app
- Android store app
- Android line-of-business app
- Managed Android line-of-business app
- Microsoft 365 Apps (Windows 10)
- Web link
- Built-in iOS/iPadOS app
- Built-in Android app
And VPP is not in the list. For the detailed reason, I am not sure. I didn't find it mentioned in any official article.
https://learn.microsoft.com/en-us/mem/intune/fundamentals/policy-sets#policy-sets-known-issues
But you can submit feedback to Intune UserVoice to see if it can be added in the future:
https://feedbackportal.microsoft.com/feedback/forum/ef1d6d38-fd1b-ec11-b6e7-0022481f8472
Hope the above information can help.