Forum Widgets
Latest Discussions
Acrobat DC Install via Intune
Has anyone been success on deploying Acrobat DC Professional via Intune? I downloaded the package from Adobe and used the IntuneApp to create a package but so far it refuses to install failing with a (0x80070005) error. I can deploy the reader without issue. Deployed Dreamweaver and Photoshop CC without error but this one is puzzling. This like all of CC is subscription based now, so not sure what I am missing...Jeff HarlowJan 18, 2025Iron Contributor65KViews0likes30Comments🎙️Podcast: Microsoft Ignite E03
🎙️#Podcast: Microsoft Ignite E03 I had an incredible time chatting with @liorbela.bsky.social in my latest #MSignite podcast episode, where we delved into key highlights from Microsoft Ignite 2024 and exciting developments in the Intune world #msintune Youtube: https://youtu.be/mnxHRLz3EMg?si=pab6wByZpQ2tnf5P2Views0likes0CommentsProblem running the Windows Feature Update Device Readiness Intune Report
I have a custom Intune role for our support staff. I want them to be able to run the Feature Update Device Readiness report. When they click on the Select target OS link, it shows "No data to display", instead of the OS list. They are able to click on Select scope tag and see a list of scope tags. Is there a permission they need that I'm missing? Here is what I have assigned for the custom role. Audit data Read Corporate device identifiers Create Delete Read Update Device compliance policies Read View Reports Device Configurations Read View Reports Endpoint Analytics Read Endpoint protection reports Read Enrollment programs Create device Delete device Read device Sync device Assign Profile Read Profile Managed apps Read Managed devices Delete Read Set Primary user Update View reports Organizations Read Remote tasks Clean PC Collect diagnostics Enable Windows IntuneAgent Get Filevault key Manage shared device users Reboot now Reset passcode Retire Set device name Sync devices Wipe Roles ReadMEB2004Jan 17, 2025Brass Contributor478Views2likes2CommentsIOS Device Registration Issue - Duplicate Devices
After configuring a Conditional Access Policy to require compliant devices, I noticed that user's IOS devices were failing the compliance check. Further investigation showed the devices as listed in Intune were compliant, but when looking in Azure AD, the user would have (2) devices - one compliant and Intune managed and one not compliant. The AzureAD Device ID in Intune corresponded to the compliant Intune managed device listed in AzureAD as expected. The Sign in logs indicated the device (Device ID) failing the compliance check in the conditional access policy was the non-Intune managed device that was indicating not compliant in AzureAD. Devices are Personally Owned, BYOD. We were using an Account Driven User Enrollment policy. Device enrollment into Intune seemed to be successful without any errors indicated. Devices were receiving the required apps upon enrollment. I've successfully reproduced the issue numerous times using a test device and test account. After enrolling into Intune, there is only 1 device - non-MDM managed in the AzureAD (Device does show in Intune as compliant). Upon signing into the Company Portal app, the 2nd Intune Managed device shows up in the AzureAD list. However, the device doesn't pass the conditional access policy when utilizing apps such as Outlook, conditional access policy sign in logs indicate conditional access policy failed due to non-compliant device. The Device ID indicated corresponds with the non-MDM managed device in AzureAD. Switching to user enrollment with Company portal, and utilizing the Company portal app to enroll, everything works, and I only end up with 1 device in AzureAD. I'm going crazy trying to resolve this. The Account driven enrollment was a few clicks easier for my very non-technical user base. Any insight or thoughts would be appreciated! I've got 100 devices enrolled, and I'm really not looking forward to having to re-enroll them all.mwalkertx320Jan 16, 2025Copper Contributor1.1KViews0likes2Commentshelp with remediation
Hi, i'm trying to create detection and remediation scripts for intune to detect the presence of a template in the users word startup folder **My detection is as follows** $path = "C:\Users\$env:USERNAME\AppData\Roaming\Microsoft\Word\Startup\ACS Template 2010 2013 2016 (2) (1).dotm" if (Test-Path $path) { Write-Output "File exists: $path" exit 1 # Success, file exists } else { Write-Output "File not found: $path" exit 0 # Failure, file does not exist **My remediation** $path = "C:\Users\$env:USERNAME\AppData\Roaming\Microsoft\Word\Startup\ACS Template 2010 2013 2016 (2) (1).dotm" if (Test-Path $path) { Remove-Item -Path $path -Force It seems like the detection works as the detection status is "without issues" but the remediation doesn't run. Any advice on how to correct this very much welcomedmonkeybraddersJan 16, 2025Copper Contributor18Views0likes2CommentsConditional Access Policy Loop with Edge on BYOD Devices – Need Help!
Body: Hello Tech Community, I’m facing an issue with an Azure AD Conditional Access Policy that seems to be causing a loop when users access Office 365 resources using Microsoft Edge on Windows 11 24H2 BYOD devices. Here’s the scenario: Problem: The policy is titled "Require App Protection Policy for Edge on Windows for All Users when Browser and Non-Compliant-v1.0" and continuously prompts users to switch profiles in Edge. These devices are BYOD and intentionally excluded from full Intune management (non-compliant by design). However, Edge repeatedly requests authentication or profile switching, creating a frustrating experience. Policy Details: Applies to: Windows devices using browsers (primarily Edge). Excludes: Compliant devices or those with trustType = ServerAD. Includes: Office 365 applications. Excludes Groups: Certain groups that should bypass the policy. What I’ve Tried: Verified device compliance status in Azure AD and Intune. Checked Azure AD Sign-In Logs for errors or repetitive authentications. Cleared Edge browser cache and cookies. Ensured Edge is configured to use Windows sign-in information. Adjusted the App Protection Policy settings for Edge. Questions: Could this be an issue with how Edge handles profile authentication in Conditional Access scenarios? How can I ensure that BYOD devices remain excluded from full Intune management but still work seamlessly with this policy? Are there specific adjustments I can make to the Conditional Access or App Protection Policy to avoid these loops? Additional Context: My goal is to secure access using App Protection Policies (MAM) for BYOD scenarios without requiring full device enrollment in Intune. Any insights, suggestions, or similar experiences would be greatly appreciated! Thank you in advance for your help!Abdullah_OllivierreJan 16, 2025Copper Contributor39Views1like1CommentWindows Update Rings
Suddenly stopped working after 50% of the devices got updated and the remaining 50% did not get updates for December 2024. Even a manual update error out Finally, they are saying that the system certificate registry key could be corrupted and import that from a good computer and update it. I did that on one build of Windows 11 it works but for another build it does not work. This is the reg key they are talking about HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates But I see that this key is in Wow64 location also. So, I am not sure whether I should update this on the device that it does not work. Has anyone run such issues with December 2024 Updates?oryxwayJan 16, 2025Iron Contributor16Views0likes0CommentsRe-Installing Native apps removed via intune
Hi All, I have ~30 phones set up with device management in our enviornment. When these phones were originally set up, their profile was set up to remove a number of native apps. This was accomplished through blocking the app bundle id's of these apps as shown below: Obviously this configuration caused issues and we've removed it, but although the configuration was removed and we've synced the phones over countless times these native apps are not reinstalling. Is there a way to push native apps back out via intune?softwaretoughJan 16, 2025Copper Contributor31Views0likes1Comment
Resources
Tags
- Intune3,948 Topics
- Mobile Device Management (MDM)2,142 Topics
- Mobile Application Management (MAM)788 Topics
- Conditional Access435 Topics
- Software Management413 Topics
- Graph API231 Topics
- Azure Friday157 Topics
- Autopilot105 Topics
- android64 Topics
- iOS52 Topics