Forum Widgets
Latest Discussions
User Profile Deletion
Hi, I have encountered an error when using Intune to delete user profiles. I am new to this and have put bits and pieces together from multiple sources to try and compile a script. I am using a Detect and Remediation Script deployed via Devices > Scrips and Remediation in Intune, to Windows 10 Enterprise 22H2 and Windows 11 Enterprise 24H2. I will attach scripts at the end. My issue is, the scripts detect and remediate as intended on devices that i have recently enrolled. However, we have devices that will have been enrolled in 2023 which doesn't seem to allow the scripts to run. If I then run an autopilot reset on the device, the scripts work fine. The scripts essentials look for user profiles in C:\Users and remove them if they are older than 1 hour. We want to keep disk space as free as possible especially on the lower spec devices. It ignores SYSTEM and any Admin user folder, as we have a separate script to delete the LAPSAdmin only at 8pm, when the workplace is closed. Note: The LAPSAdmin script worked on the older devices before the where autopilot reset. Does anyone know why this could be the case? Does the 1 hour check have issues reaching profiles that are over 2 years old or is there an issue in the script. Thanks, DeanUser Profile Deletion
Hi, I just wanted to pick anyone's brains, in case they have also encountered this or would have any idea why this is the case. I am fairly new to Intune and script writing, to clarify. Basically, we have been working on a Detect and Remediation script that is deployed via Intune (Devices >Ssni Script and Remediations) to Windows 10 (Ent 22H2) and Windows 11 (Ent 24H2) devices. On any fresh enrolled devices, it detects and deletes user profiles completely fine, but fails to even detect profiles on devices that were enrolled a while ago. However, if we run an Autopilot reset on those devices, the script works again. What difference would a freshly built/enrolled device have to an older one, when they also run other scripts fine. The script targets profiles that are older than 1 hour as we want to keep on top of removing profiles consistently to keep disk space low, especially on lower spec laptops. It will exclude SYSTEM profiles and also any *Admin* user folders - as that has a separate script to only delete LAPSAdmin on an evening, when the workplace is closed (8pm UK). This LAPSAdmin script worked fine on the older enrolled devices. Some of the profiles on the machines go back to 2023, is the '1 hour' target not effective against that old of a profile - has it become stale?SS Like I said, I am fairly new to this and have used bits and pieces from different locations to help muster up a script. I thought I had it nailed as it was working on test devices that were just enrolled purely for testing, until I was asked to put it onto another group. Intune doesn't say the script fails - indicating there are no errors. However, I am not saying there isn't. Detect: Remediate: Thanks for your time, Dean
bitlocker epm rule
Hello everyone, i tried to create a rule for the management of bitlocker in intune epm so that on the client side it is possible to manage it myself with the evelation “automatic”, the “manage-bde.exe” was released with path and co. but nothing changes. i still need admin credentials. is there any more information about this? lovely regards
remove intune based kiosk config
I've been experimenting with Kiosk profiles in intune to drive displays in my org. This is working generally well but the other day I wanted to remove the kiosk config so the machine would revert back to a regular login screen upon boot. I deleted the mapping of the machine group to the configuration policy but the kiosk profile continues to apply, or at least the config pushed to the machine that make it auto logon to the kiosk config are still present. How do i properly remove a kiosk profile so it comes off the machine?
Microsoft Intune License not Showing or Applying correctly
HI, So on the endpoint Management Admin Centre I am trying to change the Primary User of a device to a user. The user requires an Intune License. Right now A user has a Microsoft 365 E5 license (Which should include the Intune License) and when I try to change the device's Primary User to the user with the E5 license, I get a message telling me the user does not have an Intune license. I've also checked the Licenses > Agreements Page and there is no Intune option within the license list. Any Ideas?
Azure AD Joined device, without user is local administrator?
Hi, If I reset af Windows 10 device to factory settings, and then after reset logs in using my Office 365 account (With an Enterprise Mobility + Security Licecense added), I then become local administrator. Can we change this behavior somehow? I cant seem to find any valid solution. Or should I enroll the devices using an existing user designed for "Local administrator", and then change user afterwards? Or should I go with a Enrollment manager?
Setting Wallpaper via Intune (Workgroup Environment)
Hello All, We are attempting to set a Windows 11 device wallpaper via Intune using the following configuration: OMA-URI: ./Vendor/MSFT/Personalization/DesktopImageUrl Data Type: String Value: HTTP/HTTPS URL to a JPG/PNG image We used a SharePoint link as the image URL. However, the policy report shows Not Applicable, and the wallpaper does not update. A few questions: 1. Does the URL need to point directly to the image file (e.g., ending in `.png` or `.jpg`)? Our current link is a shared SharePoint URL without a direct file path. 2. The device is in a workgroup setup, and access to the SharePoint file is granted to the user account used to enroll the device in Intune. Could authentication be causing the issue? Although when we open the URL from that device, it redirects and opens the image. What is the recommended approach to applying wallpaper in a workgroup environment with URL using a SharePoint-hosted image? Appreciate your guidance. Thanks.
Device don't report to Windows Update for Business reports
We start using Autopatch. I setup all thigs for this report. Create LA and setup it. https://learn.microsoft.com/en-us/windows/deployment/update/wufb-reports-overview But from 750 device i see only 42. I try creating new LA, and onboard it but number of computers is same. On my NB i try even script but nothing works https://learn.microsoft.com/en-us/windows/deployment/update/wufb-reports-configuration-script Any help?
Autopilot deployment app count jumping around
Hi All! Just a quick post for some clarification. We have multiple Intune deployments for different clients and something we have noticed on at least two of them in the past few days is during the App deployment for autopilot we are noticing that the app count seems to jump around a bit. For example we had a deployment that was on the account setup stage on 5 out of 7 apps, I check it again a couple minutes later and for some reason it is now on 4 out of 7 apps installed. Sometimes it jumps up and down between those two app installs. It does not happen every single time but just wanted to know if anyone else has experienced this? The deployment generally still goes through but just want to to try and find a cause to address before it becomes an issue. Also note that the continue anyway button also shows up despite the deployment still being active sometimes. Thanks in advance!
