How to block Quick Start on Apple devices to prevent restore of unsupervised back up to supervised device

Question

How to block Quick Start on Apple devices to prevent restore of unsupervised back up to supervised device

Jeroen Dijkman 1

We have started using ABM to get our new Apple devices enrolled into Intune as supervised. We noticed that on the Quick Start screen in the initial setup the user gets the option to restore data from their previous Apple device using Bluetooth connection.
In our case these are unsupervised devices and when the user restores the data the new device will basically bypass the complete ABM setup and end up not being supervised and not enrolled into Intune.

According to the Microsoft documentation the Quick start is offered before the ABM profile is downloaded to the device. So ABM can not block this option.

Besides telling the user not to use the quick start option (which we do) is there a way we can either block the quick start option?

regards,

Jeroen Dijkman

1 answer

Your answer

Answer 1

Lu Dai-MSFT 28,501

@Jeroen Dijkman Thanks for posting in our Q&A.

For this issue, I have done a lot of research. In apple developer documentation, it show some information about this feature:
allowProximitySetupToNewDevice
If false, disables the prompt to set up new devices that are nearby. Requires a supervised device. Available in iOS 11 and later.
Default: true
https://developer.apple.com/documentation/devicemanagement/restrictions

So, if the Apple device is managed by intune, we can try to set "Block setting up new nearby devices" to "Yes" in Device restriction profile.

However, if the Apple device is new and not managed by intune, there is no method to make it.

Hope the above information will help.

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Lu Dai-MSFT 28,501 Reputation points

2021-06-21T05:52:33.147+00:00

@Jeroen Dijkman I am currently standing by for further update from you and would like to know how things are going. If you have any questions or concerns on the recent information I've provided you, please don't hesitate to let me know.
Jeroen Dijkman 1 Reputation point

2022-11-10T10:19:02.883+00:00

Hi

We are more then 1 year later. I still have not seen any way to block the Quick Start for supervised iOS devices during initial enrollment.
Any updates on this topic?

regards,

Jeroen Dijkman
James Buckland 0 Reputation points

2023-10-24T14:47:16.79+00:00

"Block setting up new nearby devices" just stops the device from setting up other new devices. This setting would be removed when the device is wiped so has no bearing on it's ability to be setup from other nearby devices.

I am still looking for a way to stop users from bypassing Intune enrolment.

This seems a very strange decision made by Apple to not have devices connect to the internet and call home before offering to restore/setup. This defeats the whole purpose of DEP/ABM which is to maintain management of company owned devices!

Share via

How to block Quick Start on Apple devices to prevent restore of unsupervised back up to supervised device

1 answer

Your answer