Forum Widgets
Latest Discussions
Did expediting the 2024-08 Quality Updates fail for anyone else?
I posted this question yesterday on the Windows Servicing board, but there isn't much activity there. I hope it's okay to re-post it here. Due to the CVE-2024-38063 vulnerability, we attempted to use the Expedited Quality Updates feature to enforce the immediate installation of the 2024-08 security updates. Unfortunately, the feature simply did not work. Even a couple weeks after deploying the expedited update profile, we had about 25% of our Windows endpoints still in "Pending" status, most of which were powered on 24/7. We still have ConfigMgr in our environment, so I used CMPivot to run a query for events in the System log with "2024-08" in the message. This showed me that rather than installing the update and forcing a restart one day later as configured, the update was being installed, then reverted about ten hours later, then immediately re-installed again, over and over: If I manually initiated a restart on any of the affected machines, the update was successfully finalized, so the issue wasn't a failure to install the update. I've opened a case with Microsoft Support, but it is progressing slowly. If nobody else is seeing the issue, I will throw in the towel, but if it's more widespread, I think it is worth fighting to get this fixed (assuming that Microsoft isn't already aware and has simply chosen not to publicize it — for example, in the Windows release health blade in the Microsoft 365 Admin Center).
Intune MAM BYOD: Remove Account message for iOS devices
Hello, I am seeing an issue for Intune MAM BYOD(iOS) users. After a user account password reset, it causes Intune to remove the account configured from mobile applications like MS Outlook, Work, OneDrive, etc. Current Intune Configuration: Done - App Protection Policy Done - Conditional access policy --> Grant --> Requires app protection policy (checked) Users had to re-enrol to access his/her data. Here is the screenshot, Thank you,
LAPS Intune policies
So it seems that there are legacy LAPS policies (via Configuration/Policies/New/Windows 10/Settings catalog Search for LAPS = Administrative templates/LAPS Well, I did configure them & added my device group. Then I realize that it is NOT this LAPS I need (by then quite few devices got the policy) I unlinked the group, deleted this policy & created NEW LAPS policy via Endpoint Security/Account Protection/Create policy/Windows/Windows LAPS Here I can setup new settings (especially Password Complexity = Passphrase) While lots of my devices get the local admin password reset to correct Passphrase, there are quite a few that have complex password (leftover from previous attempt?) No matter what I do, I cannot get this local admin password changed to Passphrase Any idea how to get ALL the local admin passwords to be in same format? Thanks Seb
Apple business manager deployment - receiving pop-up bout apple account
Hello intune forum, I recently setup apple business manager in our enviroment to work with Intune. I've created the enrollment profile, setup the VPP token, etc. But now, a few of our users, myself included is getting a pop-up on our phones stating : "this apple account cannot make purchases". I made sure only the VPP apps are being pushed to the company phones and not the apps from the store. Anyone else have this issue?Cannot enroll azure vm(windows 24H2) in Microsoft company portal
I created a windows VM in Azure. To access company resources on this machine, I attempted to enroll the device through the Company Portal. However, the enrollment failed while setting up the work or school account, with the error message “This connection isn’t secure.” How should I fix this issue?
intune constantly tries to re-install Chrome everyday when it is already installed
Hi, We have set Intune to install few applications including Google Chrome for users but Intune constantly tries to re-install Google Chrome everyday. What could be wrong with detection rule setting for Google Chrome and how to fix it? Your assistance will be greatly appreciated! Cheers, Sasan
