Questions tagged [microsoft-intune]
Microsoft Intune is Microsoft's Mobile Device Management (MDM) platform.
90
questions
4
votes
2
answers
5k
views
How does one map a drive on a Windows 10 device managed by Intune?
I'm trying to setup some basic group policy settings with Microsoft Intune. We have Windows 10 Enterprise installed on all our devices and they are Azure AD joined. To start I wanted to map a network ...
3
votes
2
answers
7k
views
Is it possible to set the Windows 10 time zone through Intune and if so, should we?
Using AutoPilot to provision Windows 10 v1803 devices, it only asks for the user's language and the user's credentials. After a few minutes waiting at the AutoPilot status page, the user is logged on ...
3
votes
1
answer
33k
views
Microsoft Intune - How to modify Windows 10 registry settings?
Win32 app uses bat file to install software and edit registry keys. Registry keys are modified if I run bat file locally but not when run through via Intune because Intune runs installation as System.
...
3
votes
2
answers
5k
views
Is it possible to rename a Windows 10 device when using Autopilot to join it to the domain and Intune management?
Realizing that naming a PC is old school, I would still like to know if it is possible to rename a Windows 10 device either as part of the AutoPilot process or later through Intune.
Another ...
3
votes
2
answers
4k
views
How do you create an Azure AD Dynamic Device Group based on the Intune Device Enrollment Manager which enrolled the device via AutoPilot?
I am trying to create an Azure AD dynamic device group which contains all devices enrolled by X user 'Associated User'?
This user is the Device Enrollment Manager user DEM which allowed me to enroll ...
2
votes
2
answers
8k
views
Is it possible to uninstall default Windows 10 apps with Intune? If so, how?
Through Intune, is it possible to uninstall default Windows 10 apps; like Pandora, X-box and Candy Crush? If so, how?
2
votes
1
answer
703
views
Problems with Windows Hello for Business in hybrid Cloud Trust scenario, but only on Windows 10
So I went through the process of deploying WHFB. I set up all the prereqs (as far as I know) following the Cloud Trust deployment guide. I added four test machines to the test OU with the appropriate ...
2
votes
2
answers
2k
views
Specifying machine certificate issuer with Windows VPN
I am trying to create a Windows Always On VPN connection between an AD and AAD joined Windows 10 client and a StrongSwan VPN server. The Windows client has multiple "Client Authentication" ...
2
votes
1
answer
1k
views
Hybrid Azure AD Join - Not joining correctly
Another day, another Hybrid Azure AD Join issue.
Having set up Hybrid Join, it looked like it was working. The device I onboarded via autopilot was created in "on-prem" AD, was in Azure AD, ...
2
votes
1
answer
4k
views
Updating Microsoft Intune devices via Powershell
Looking for a bit of help with the Intune Powershell/graph interface.
I'm trying to manipulate Intune Device Categories via Powershell, so that I can firstly correct devices that were placed into the ...
2
votes
1
answer
102
views
To use MDM or Intune?
I'm seeing conflicting suggestions from MS about whether to use MDM or Intune. One says to use MDM when possible despite Intune having more features.
https://docs.microsoft.com/en-us/intune/pc-...
2
votes
2
answers
716
views
How does one deploy through Intune the Microsoft.Office.Desktop Appx Package?
Knowing that there is the Office 365 ProPlus Click-to-run installer template within Intune, I wonder if there may be a way to deploy Office through the Store for Business.
We are finding Office to be ...
2
votes
0
answers
347
views
autopilot not installing apps after autopilot reset
Whenever I putt a computer into autopilot and let the user login it installs all the applications. But whenever I do an autopilot reset and then let je user login in wont install any of the ...
2
votes
1
answer
53
views
Recommendations for future-facing (fully cloud-based) Identity and EMM/UEM Solutions
I have recently started consulting for a tech startup of about 60 users that has grown, and is looking to expand, quickly.
Due to the fast growth, and lack of formal IT advice up until now, they are ...
2
votes
1
answer
8k
views
Configuring Wi-Fi on Android via Intune. Missing Wi-Fi certificate issue
I am having an issue when Android phones are unable to get correct WiFi configuration policy from Intune. Intune is in 'cloud mode' (non-hybrid)
I have the following polices configured in Intune:
...
1
vote
1
answer
1k
views
Microsoft Endpoint Manager Firewall rule not working
I am trying to use Microsoft Endpoint Manager to block all traffic to Microsoft Edge for a group. I have done the following:
Created a group called Students and added user "Zephyr Prospect" ...
1
vote
1
answer
2k
views
Disable the Windows 10 Password login option when FIDO in use
Hello Collective intelligence,
I have a question that is bugging me,
I have a Yubikey 5C setup in Azure AD with passwordless auth and registered to my account, I can log into the PC using the FIDO key ...
1
vote
1
answer
3k
views
Could Intune be the cause of unwanted restarts?
I have an Intune environment that I am currently working on pushing out an endpoint protection profile. There was an older endpoint protection profile that only pushed app control as "audit-only&...
1
vote
1
answer
135
views
Installing Microsoft Store for Business apps on Intune Managed Self-Deploying Devices
We are having trouble with Microsoft Store for Business apps not installing, when assigned as Required to their Device group, on our Endpoint Manager (Intune) managed, Autopilot Self-Deploying, Shared ...
1
vote
1
answer
2k
views
Microsoft Intune mdm cant remove outlook profile data in desktops and mac
We have configured MDM and assigned E3 license and intune license. We have azure AD and intune MDM and also outlook with exchange. It seems that microsoft intune in Desktops cant remove outlook ...
1
vote
1
answer
2k
views
How does one build an Intune AutoPilot ready device, using SCCM, without it becoming Co-Managed?
I would like to build devices using SCCM, much like they arrive new, for Intune AutoPilot deployments. It seemed simple enough. I created a generic Task Sequence, Then wrote a script which uninstalls ...
1
vote
1
answer
6k
views
Don't allow to deactivate Company Portal Intune App as a Device Administrator in Android
Is there any way that I could block the user of deactivating the Company Portal app from the Device Administrator in a Android Device. What I'm trying to accomplish is that the user can't uninstall ...
1
vote
0
answers
750
views
Intune error 80180014 enrolling Windows 10 laptop
I'm trying to use Microsoft Intune for the first time. I have an A3 license which includes Intune and Entra ID/Azure Premium P1. I have Directory Sync running on one of our servers to sync our local ...
1
vote
1
answer
509
views
Intune issues after UPN change for user
I have a bit of a weird situation, already contacted Microsoft support, but hoping sages here know something.
We are planning a change of UPN for our 700+ users. We are in the process of testing what ...
1
vote
1
answer
859
views
Restrict other Azure AD users from logging into Intune devices
I want to make sure that a user in our domain [email protected] does not login to a device that has been assigned to [email protected]. I have created a configuration profile but not sure what the ...
1
vote
0
answers
152
views
How to set alerts for an installed application not in exception list?
We are often getting incidents from Microsoft Defender about malicious activity detected on user devices, For example, lately we had an incident that said there was a defense evasion, however, at the ...
1
vote
0
answers
315
views
Why isnt the remediation improving the exposure score in Microsoft defender?
I am trying to improve our exposure score on Microsoft Defender and noted that "Block persistence through WMI event subscription" has a remediation which Ive already applied since almost a ...
1
vote
0
answers
740
views
How to force users to change their Windows Hello Pin
We changed our password policy in the Microsoft Endpoint Manager and now require a longer PIN.
The issue is, in testing we noticed you're only asked to change the Windows Hello PIN, when logging in ...
1
vote
1
answer
354
views
How to deploy Microsoft Endpoint / InTune to computers that are in use already and not tied to Azure AD Accounts (Password Policy Failure)
We recently rolled out Microsoft Endpoint / InTune to our company computers. Everything works great if the first time a user logs in it is with their Azure AD credentials. We have computers that are ...
1
vote
0
answers
1k
views
Configuration Profiles applying as System Account instead of user
I'm pulling my hair out over an issue I'm having with Intune. I've deployed a VPN profile using a custom configuration profile to my users and most users have received the VPN profile on their laptops ...
1
vote
1
answer
518
views
Block unapproved Remote Assistance solutions
We have a cloud-only setup using Azure AD + Intune to manage our organisation's windows devices, since all are remote workers/work from home.
I'm looking to remove the possibility for users to ...
1
vote
1
answer
1k
views
Intune new office installation on already installed office
Currently users have office 365 installed via een msi that was inserted into Intune. We now want to use the new method because than we can easily add and remove applications.
Is it possible to do so? ...
1
vote
0
answers
252
views
Enrol Chrome Browser via InTune
I'm having difficulty enrolling Chrome Browsers for management via Gsuite Admin on machines managed by InTune MDM.
I've tried following this guide, to set the CloudManagementEnrollmentToken via the ...
1
vote
0
answers
72
views
Can you target app deployments to local users in InTune?
Is there any way to target app deployments to local users (not devices) such as the local user that kiosks create, kioskUser0?
1
vote
0
answers
43
views
No mobile devices in Intune - Testing a few users from Hybrid SCCM to Intune Standalone
I'm testing at the moment with a few users to migratie from Hybrid SCCM to Intune Standalone. I followed this steps:
https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/migrate-hybridmdm-to-intunesa
...
1
vote
1
answer
44
views
Apple Configurator config files in Intune
I’m looking at moving a MDM config from SCCM hybrid to Intune Standalone. I know I can migrate but right now I’m running down options for a fresh setup.
If all I have is an xml dump of an Apple ...
1
vote
2
answers
1k
views
Azure AD, InTune, TeamViewer
So I had come across This Article explaining it is better to manage Windows 10 devices as mobile devices rather than using the InTune console, which I have already done. Most of our machine are ...
1
vote
0
answers
41
views
Deploy Modern UI App
I have enrolled my devices with Windows Intune and Install Corporate Portal to them.
I have added to InTune some Windows Store App, MS Corporate Portal appx and my own application appx.
When I am ...
0
votes
1
answer
3k
views
How do I disable Bitlocker Encryption settings using Intune?
We've activated Intune Bitlocker encryption and configured it needs a password to unlock.
Since we don't want our users to change the Bitlocker pin, we want to disable the Settings below.
Bitlocker ...
0
votes
1
answer
2k
views
Intune device not in Endpoint Manager
One of our devices is visible in MS Azure AD > Devices with Jointype = Azure AD joined and MDM = Microsoft Intune, but not visible in MS Endpoint Manager.
Any experiences/suggestions?
0
votes
1
answer
464
views
can windows intune do a self service software distribution portal?
I want to give users a self-service software portal like sccm can do but sccm is huge and I have less than 100 users and many are mobile
From what I understand intune is for oob/mobile users. Does ...
0
votes
1
answer
12k
views
Microsoft Intune conflict resolution
I have a number of devices enrolled in Microsoft Intune. Currently, they all share a single set of Intune configuration profiles and compliance policies; our "all employees" group has the profiles/...
0
votes
1
answer
371
views
Windows hello for business: remove certificate from virtual smartcard
I've managed to add a certificate to windows hello for signin to RDP.
See: https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/rdp-sign-in?tabs=intune
However ...
0
votes
1
answer
5k
views
Change Windows PIN requirements in Intune for an Azure AD-joined PC
I am the part-time admin of a small nonprofit, with a Microsoft 365 Business Premium subscription. I have been searching through admin.microsoft.com and portal.azure.com, but can't seem to find the ...
0
votes
1
answer
99
views
Can Autopilot PCs be required to be Intune managed?
After recently having the Intune Wipe action fail to Wipe PCs though it removes the PC from Intune, I worry we could have more unmanaged yet fully functional PCs in the field. Is there a way to ...
0
votes
2
answers
756
views
Using InTune for BitLocker enabling TPM+PIN+USB
I am tasked with enabling BitLocker via InTune and I am struggling to understand why the following settings are not taking effect on the endpoint.
In the OS drive settings
Compatible TPM Startup - ...
0
votes
1
answer
1k
views
Intune Autopilot replace WDS or Sccm
I have been doing some research on Intune autopilot - I see that once hardware hash is registered it can go on autopilot mode wherein- users just need to sign in and all configurations are taken care ...
0
votes
2
answers
11k
views
This Apple ID can't be used to make purchases - InTune/Apple Business Manager
We have just integrated InTune with Apple Business Manager and turned on the domain Federation which now allows our Azure AD users to log into Apple Devices with their work email address. We have hit ...
0
votes
1
answer
7k
views
Block Users from Installing programs with Azure AD joined Devices
I am looking for a way to block users from installing programs without an on prem AD domain (so no GPOs etc.). We have Office365 and the included Azure AD. The devices have not yet been joined to ...
0
votes
0
answers
42
views
MacOS Intune Platform SSO not prompting to register device until Company Portal is opened
I'm deploying Platform SSO to allow our Mac users to sign into their devices without the need for a "build process", similar to autopilot on Windows.
I've followed this guide and it all ...