Forum Widgets
Latest Discussions
iOS Screenshots not working (BYOD)
Hi All! I am having reports back from our iOS BYOD user's that they can not capture screenshots. Our policy and config for BYOD hasn't changed recently and we all don't restrict the taking of screenshots. I have also checked the App config and protection polices , but can't see anything in there, also they haven't changed. I know iOS has had updates recently , could this be the cause? Anyone else got this issue? Many ThanksSolvedUpNorthIntuneDec 10, 2024Iron Contributor144Views1like4Commentsintune MDM, IOS device after a restore skips remote Management screen
I am using Intune MDM to enrol the devices. Enrolling a new device with Manged apple ID works without any issues and I can install profile getting all the apps installed via VPP Apps on the device When restoring a device from iCloud or a local computer backup taken on iTunes don’t seems to work as expected after a restore, device skips remote management screen and loads into the phone welcome screen. I am taking the backup of the same device and restoring it back, keeping in mind the device was never MDM managed therefore no management profile has been restored. We are using managed apple id’s so no VPP apps downloaded but due to managed Apple id this blocks the store capability of downloading any apps from app store. The device was added into MDM Intune via apple configurator therefore visible on Intune 1 - Backup to iCloud to keep all data 2 - wiped the device via Erase all content and settings. 3- Added the phone using Apple configurator 4- In ABM I assign the device to the MDM server. 5- kicked in manual sync from Intune. Once the device visible in Intune and profile assigned. start the setup process and select to restore from iCloud or backup from computer. I expected it to restart after the restore and show the remote management screen, but it does not. The only way around this is to restore via iCloud to a different device. This is not ideal Please let us know if you can recommend a better way of doing this therefore restoring the backup on same device and getting remote management configuration to enrol the device on MDMSolvedMustanDec 05, 2024Copper Contributor45Views0likes1CommentBest Practices for Managing Autopilot Profiles Across Multiple Locations
Hello everyone, I have a question, and I’d like to get your thoughts on it. In a scenario where an organization manages Hybrid Join devices using Autopilot, distributed across different locations, each with its own Autopilot profile, how do you prefer to manage groups and profile assignments? The options I’m considering are: Option 1 Using a single dynamic group (e.g., “All Autopilot Devices”), with a query like: (device.devicePhysicalIDs -any (_ -startsWith "[ZTDid]")) to include all corporate devices, and then assigning profiles using Scope Tags. Option 2 Creating multiple dynamic groups, one for each location (e.g., “Location 1 Autopilot Devices,” “Location 2 Autopilot Devices,” etc.), with queries like: (device.devicePhysicalIds -any (_ -eq "[OrderID]: Location 1")) and then assigning the respective Autopilot profile to each dynamic group. What’s your approach, and what advantages/disadvantages have you encountered? Thank you to anyone willing to share their experience!SolvedMarPasNov 29, 2024Brass Contributor77Views0likes4CommentsWinget in Remediation scripts
Does the remediation scripts and the execution envrionment support winget? Running this returns nothing: $version = winget --version | Out-String Have also tried to use the Start-Process approach: # Define the path to winget.exe $WingetPath = "C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\winget.exe" Start-Process -FilePath $WingetPath.... Is it even possible to get winget working in detection- and remediation scripts?SolvedEPNAdamNov 27, 2024Brass Contributor53Views0likes1CommentFirewall Rules: Transitioning from GPO to Intune
I migrated the firewall rules from a GPO to Intune and successfully applied them to my devices. Now I want to remove the firewall rules from the GPO. My question is: will the firewall rules deployed via Intune be automatically applied to my devices once I remove those from the GPO? For security reasons, I don’t want to leave certain ports open when removing the GPO.SolvedNumber1996Nov 22, 2024Copper Contributor81Views1like6CommentsAssistance needed to deploy a file on desktop
Hello everyone I need to deploy an executable file (.exe) that does not require installation. Is there a way to deploy this file to each user's desktop via Intune? Any guidance would be appreciated Thank youSolvedkabamaruNov 20, 2024Copper Contributor51Views0likes2CommentsIntune Reporting
I am new to Intune having used Group Policy for many years. I understand the basics, but one thing that I can't see is reporting and logging of what in tune is doing on the computer? I can see event viewer entries but there doesn't seem logging? Am i missing something or is there no logging?Solvedandytheit2Nov 17, 2024Copper Contributor53Views1like2CommentsUninstall command for AsanaSetup.exe
I am trying to find a way to silently uninstall the Asana app with the Endpoint manager. I found two commands that works locally, but not when i use it in the Endpoint Manager. Install: AsanaSetup.exe -silent Uninstall: %LOCALAPPDATA%\Asana\Update.exe -uninstall or %USERPROFILE%\AppData\Local\Asana\Update.exe -uninstall I'll get this error message back in the Endpoint Manager: Uninstall Failed 0x800700C1 Does anyone know how i can solve this issue? I found a post on Asana's website, but i cannot find a solution for this there.SolvedTechSkillsNov 11, 2024Brass Contributor33Views0likes1CommentFirewall Off despite policy being enabled
In Firewall and network protection, It says Firewall is off for all Network types. However it should be on. Is this normal/expected? However, In Sec. providers, Firewall is enabled. ========== In PS, Firewall appears to be enabled too. C:\Windows\System32>netsh advfirewall Show allprofiles Domain Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Private Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Public Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Ok. =========== In the Intune Firewall Policy the three options are enabled:SolvedAhmedSHMKNov 11, 2024Brass Contributor86Views0likes6CommentsAllow Chrome / Firefox through Conditional Access
Hi All I hope you are all well. Anyway, we have rolled out a CA policy that requires users to be on an Intune enrolled and compliant Windows device. So far, so good. However, a lot of our end users are Front Line Workers who will use browser based Office Web Apps for email etc. The problem is that the CA policy only allows access to M365 resources on Microsoft Edge browser, other browsers such as Chrome, FF get the "you cannot get to there from here" message. The majority of our end users won't know the difference between browsers and will just use anything, so is there a way to extend the CA policy to Chrome and FireFox? Info appreciatedSolved616Views0likes15Comments
Resources
Tags
- Intune3,888 Topics
- Mobile Device Management (MDM)2,112 Topics
- Mobile Application Management (MAM)771 Topics
- Conditional Access427 Topics
- Software Management394 Topics
- Graph API228 Topics
- Azure Friday152 Topics
- Autopilot103 Topics
- Android62 Topics
- iOS51 Topics