Forum Widgets
Latest Discussions
Work Profile Contacts in Android Auto BYOD
Hey there, is it possible to List the Contacts from the Android Work-Profile in Android Auto? People in our Organization are not able to search for Work-Profile-Contacts via Android Auto. When Contacts from the Work-Profile are calling, the Name is showing up correctly and is also correctly displayed in the caller history, but when using the Phone app on the cars display it's not possible to find the contacts. What have we tried so far: Installed Android Auto App on Work-Profile Enabled "Connected Apps" Contact Sync via Outlook App Contact Sync via Gmail / Google Contacts Installed Google Phone App on both profiles and set it to the Default call Application Installed Samsung Phone App on both profiles and set it to the Default call Application Enabled the Work Profile Switch in the Android Auto setting (seems only usefull for notifications) Tried different Phone and Car Vendors One more Information: When Using the Call or Contact App on Personal-Profile and searching for Work Contacts, they are showing up as expected. I believe maybe it's not supported by Google? Is anybody facing the same issue or are there some Workaround i have not thought about=
remove intune based kiosk config
I've been experimenting with Kiosk profiles in intune to drive displays in my org. This is working generally well but the other day I wanted to remove the kiosk config so the machine would revert back to a regular login screen upon boot. I deleted the mapping of the machine group to the configuration policy but the kiosk profile continues to apply, or at least the config pushed to the machine that make it auto logon to the kiosk config are still present. How do i properly remove a kiosk profile so it comes off the machine?
User Profile Deletion
Hi, I just wanted to pick anyone's brains, in case they have also encountered this or would have any idea why this is the case. I am fairly new to Intune and script writing, to clarify. Basically, we have been working on a Detect and Remediation script that is deployed via Intune (Devices >Ssni Script and Remediations) to Windows 10 (Ent 22H2) and Windows 11 (Ent 24H2) devices. On any fresh enrolled devices, it detects and deletes user profiles completely fine, but fails to even detect profiles on devices that were enrolled a while ago. However, if we run an Autopilot reset on those devices, the script works again. What difference would a freshly built/enrolled device have to an older one, when they also run other scripts fine. The script targets profiles that are older than 1 hour as we want to keep on top of removing profiles consistently to keep disk space low, especially on lower spec laptops. It will exclude SYSTEM profiles and also any *Admin* user folders - as that has a separate script to only delete LAPSAdmin on an evening, when the workplace is closed (8pm UK). This LAPSAdmin script worked fine on the older enrolled devices. Some of the profiles on the machines go back to 2023, is the '1 hour' target not effective against that old of a profile - has it become stale?SS Like I said, I am fairly new to this and have used bits and pieces from different locations to help muster up a script. I thought I had it nailed as it was working on test devices that were just enrolled purely for testing, until I was asked to put it onto another group. Intune doesn't say the script fails - indicating there are no errors. However, I am not saying there isn't. Detect: Remediate: Thanks for your time, Dean
VPP Apps Not Installing via Intune – Error 0x87D127DB Despite Valid Configuration
Hi everyone, We’re currently using Microsoft Intune in combination with Apple Business Manager (ABM) to provision iPhones in our organization. Our setup has worked reliably until recently: in April/May, we successfully deployed 50 iPhones without any issues. However, for the past 10 days, we’ve encountered a persistent issue: VPP apps are no longer installing automatically on newly enrolled devices. ✅ What’s working: Device registration in ABM Syncing devices from ABM to Intune Device renaming, resetting, and syncing via Intune Uninstall Apps using uninstall group of the deployment configuration on existing devices) Disabling devices in ABM and syncing changes to Intune Purchasing new apps in ABM and syncing them to Intune App license counts (total, used, available) are correctly shown in Intune ❌ What’s not working: VPP apps are not being installed. Only one or two icons appear on the home screen with a cloud symbol. Tapping them prompts a message that the app must be downloaded from the App Store. Intune consistently shows the following error: “App installation failed. 0x87D127DB (Unknown)” Occasionally, a message appears stating that VPP licenses could not be found, although all apps have sufficient licenses and Intune reflects this correctly. Troubleshooting steps taken: Devices have been reset multiple times New apps were purchased and assigned with a minimal configuration (one required group) All certificates (MDM push, VPP token, enrollment token, Apple SCIM token) are valid Apple Business Support confirms their services are operational Microsoft Support has not provided a resolution and suspects the issue lies with Apple Apple, in turn, refers us back to Microsoft At this point, we’re stuck between both vendors and are hoping someone in the community has encountered this issue or found a workaround. Has anyone else experienced this behavior or found a solution for the 0x87D127DB error with VPP apps in Intune? Thanks in advance for your help!User Profile Deletion
Hi, I have encountered an error when using Intune to delete user profiles. I am new to this and have put bits and pieces together from multiple sources to try and compile a script. I am using a Detect and Remediation Script deployed via Devices > Scrips and Remediation in Intune, to Windows 10 Enterprise 22H2 and Windows 11 Enterprise 24H2. I will attach scripts at the end. My issue is, the scripts detect and remediate as intended on devices that i have recently enrolled. However, we have devices that will have been enrolled in 2023 which doesn't seem to allow the scripts to run. If I then run an autopilot reset on the device, the scripts work fine. The scripts essentials look for user profiles in C:\Users and remove them if they are older than 1 hour. We want to keep disk space as free as possible especially on the lower spec devices. It ignores SYSTEM and any Admin user folder, as we have a separate script to delete the LAPSAdmin only at 8pm, when the workplace is closed. Note: The LAPSAdmin script worked on the older devices before the where autopilot reset. Does anyone know why this could be the case? Does the 1 hour check have issues reaching profiles that are over 2 years old or is there an issue in the script. Thanks, Deanbitlocker epm rule
Hello everyone, i tried to create a rule for the management of bitlocker in intune epm so that on the client side it is possible to manage it myself with the evelation “automatic”, the “manage-bde.exe” was released with path and co. but nothing changes. i still need admin credentials. is there any more information about this? lovely regards
Microsoft Intune License not Showing or Applying correctly
HI, So on the endpoint Management Admin Centre I am trying to change the Primary User of a device to a user. The user requires an Intune License. Right now A user has a Microsoft 365 E5 license (Which should include the Intune License) and when I try to change the device's Primary User to the user with the E5 license, I get a message telling me the user does not have an Intune license. I've also checked the Licenses > Agreements Page and there is no Intune option within the license list. Any Ideas?
Azure AD Joined device, without user is local administrator?
Hi, If I reset af Windows 10 device to factory settings, and then after reset logs in using my Office 365 account (With an Enterprise Mobility + Security Licecense added), I then become local administrator. Can we change this behavior somehow? I cant seem to find any valid solution. Or should I enroll the devices using an existing user designed for "Local administrator", and then change user afterwards? Or should I go with a Enrollment manager?
