Forum Widgets
Latest Discussions
Cannot enroll azure vm(windows 24H2) in Microsoft company portal
I created a windows VM in Azure. To access company resources on this machine, I attempted to enroll the device through the Company Portal. However, the enrollment failed while setting up the work or school account, with the error message “This connection isn’t secure.” How should I fix this issue?Entra Shared Mode - Force App Stop
Hi All I hope you are well. Anyway, I was asked this yesterday and think I already might know the answer, but here goes. We had an instance of Microsoft Excel stuck in "getting things ready" on an Android Entra Shared Mode Device. Technical Support wondered if there was a way to Force Stop Excel or clear the app data. We had a look in Exit Kiosk Mode, Android Settings, and the Force Stop of Excel said "Action not allowed" and the clear the app data said "Unable to delete data for app" So, my question(s) would be, is going into Exit Kiosk Mode and even trying to force stop / clear data on apps even a valid option, or is this by design? Would adding Excel to this setting help? Any help or confirmation would be greatly appreciated. Stuart
Help creating Device groups
Hi, I'm new to using Intune on a day to day basis, after adding our devices to Intune via our On-prem Active Directory. What's the best practice for organizing our Devices, such as Staff devices and Student devices? I want to create a group for all staff devices and another for student devices. Also, is there any way to auto enroll these pcs in to the correct groups once they're new ones added via our on Prem AD and Entra?
Autopilot enrollment through serial number
I’m working for a reseller, and one of my customers has asked us to enroll their device serial numbers into their Intune/Autopilot tenant. We only have permission to upload devices because we are not their CSP partner. Now the customer wants us to enroll the devices, including their Purchase Order (PO) number, in the Purchase Order field in Intune. The issue is: Because we are not their CSP, the tenant does not allow us to enter or modify the Purchase Order field when we upload devices. My question: Is it possible for a non‑CSP reseller or partner to add a Purchase Order number during Autopilot device enrollment? If not, what options exist for a reseller to ensure that the Purchase Order field is populated?
Unmanaged Microsoft 365 Applications in Intune-Managed Windows 11 Devices
Hello Everyone, We have identified in our Intune environment that several users have installed Microsoft 365 applications outside of Intune on their managed Windows 11 devices (Corporate). Could you please confirm whether these users receive configuration profiles (for Microosft 365 app update enforcement for example)? Additionally, we would appreciate guidance on the best practices for addressing unmanaged application replacements. Thank you for your assistance. :) Best regards,Intune MAM BYOD: Remove Account message for iOS devices
Hello, I am seeing an issue for Intune MAM BYOD(iOS) users. After a user account password reset, it causes Intune to remove the account configured from mobile applications like MS Outlook, Work, OneDrive, etc. Current Intune Configuration: Done - App Protection Policy Done - Conditional access policy --> Grant --> Requires app protection policy (checked) Users had to re-enrol to access his/her data. Here is the screenshot, Thank you,
Intune - ASR Rules - exclusion
Hello, please can anybody give me an advice about Intune exception? We are using N-Able client for computer management and Intune ASR is blocking it. I tried to add exception in rule setting but it has not helped so far. I am getting defender popup with info that risky action blocked Your admin blocker this action. Blocked app or process - winagent.exe Blocked by - surface attack reduction Rule - Block using of copied or personified system tools. There is my exception but it did not helped. Thank you.
Android 15 - CredentialProviderPolicy not surfaced by Intune
I have been having an issue with Android 15 devices. We use Authenticator as our password autofill provider. As soon as a device is updated from Android 14 to Android 15, the password autofill provider is no longer set and the setting to change it is 'blocked by work policy.' I have already tried removing all policies that apply to the devices (device config and device compliance policies) and factory resetting them. Simply having them enrolled as corporate owned fully managed devices causes this to happen. I raised the issue in the Android Enterprise community blog. A link to that is included below. Someone on that thread found that there is a policy in Android 14/15 called the credentialproviderpolicy. When that policy is blocked or unconfigured, this behavior happens. I cannot find anywhere in Intune where I can set this policy. It seems that it is allowed by default when managing Android 14 with Intune, but not set or blocked when the device switches to Android 15. Is there any way to specifically set a policy that is not reflected in the Intune UI? This is a blocker for being able to move more phones to Android 15. Link to Android Enterprise thread: https://www.androidenterprise.community/t5/admin-discussions/android-15-cannot-set-default-password-app/m-p/8827#M2105 Thanks, TomEdge for Android Smartscreen
Hi All I hope you are well. Anyway, is it possible to configure Edge for Android Smartscreen to: Prevent end user bypass Block potential risky downloads I can see various methods and guides pointing to Edge App Configuration policies but just cannot seem to get the this to work on Android Enterprise Fully Managed devices. Any help would be great. SK
