Forum Widgets
Latest Discussions
Cloud PKI SCEP
Hello All, I have setup steps to utilise cloud PKI to issue SCEP certificate to users so they can be used for email security (SMIME). Root and intermediary setup in cloud PKI successfully and configuration profiles for both setup and both are deployed successfully to test devices. When it comes to the SCEP profile, It has also been deployed but no success status showing yet in the report and issuing certificate not showing any leaf certificates. No errors are currently showing and report just says pending. Any Idea what is causing the delay or how to investigate? Thanks in advance.
Removable Media settings tattooed to device
Hello, I created a policy to block USB Removable Media in Configurations > Templates > Device Restrictions > General to block Removable storage, which successfully blocks USB access. However, removing this setting does not revert the block. I noticed the following registry key is created in the device: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices] "Deny_All"=dword:00000001 "MDMRegSet"=dword:00000001 "RebootTimeinSeconds_state"=dword:00000001 "RebootTimeinSeconds"=dword:0000012c Is this the correct registry location for this setting? Even after manually deleting the key, USB access remains blocked. After a reboot, the registry key reappears, even though the policy is no longer assigned to the device in Intune. Can anyone confirm if this is the only registry entry involved, or if additional steps are required to fully remove the restriction? Thanks!
SCCM vs Autopilot
Hi All, i hope i'am writing in the right section. i have a request but before that let me explain the goal and what i'am looking for. in My company , i passed by several migration , and i had to re-deploy machines using 2 ways , USB image and join to domain manually , or using SCCM Server thanks to PXE mode. next migration i will be using Autopilot which i'am not familiar with . the problem i'am facing is , to re-deploy machine , i had to wipe it , install an OS , and start the OS in configuration page then CTRL + SHIFT + D , and from another machine i have to go to Intinues and do lot of stufff there (' like machine tag , add autopilot etc ) and then , back to the machine to continue configuration. i find this very long , and not practical specially if i have lot of machines to deploy in the same time. my question is , is there a simple way to deploy big number of machines using with Autopilot n without doing all these steps i mentioned , i was thinking about , deploying USB image , then perform DSREGCMD /JOIN , to add machine to Azure , but i'am not sure if it is good solution. Thank you in advance
Windows Autopilot Pre-Provisioning (White-glove)
Hi, Does anyone can help what would be the cause of the issue with Windows Autopilot Pre-Provisioning (White-Glove)? We did assign user & grab device hash then deployed to autopilot group. The computer process set up complete properly, device RESEAL. However, we faced issue when we start up the laptop at the login OOBE screen we didn't see the assign user appear? I used to see the login page user UPN already attached, it is just waiting user to put the password only. In my case, the sign in ask user to enter their UPN. Is there any suggestions? Note: Windows 11 23H2, and Windows 11 24H2 through the same behaviour. Thanks, PhearinIntune support of WearOS
We have an application we have developed for a customer which is WearOS native and does not required a paired phone/tablet to function on a Wi-Fi capable watch/wearable. This customer's corporate team requires that all network devices be managed by Intune. Is there a timeline for Intune natively supporting WearOS management? Thank you ScottLocation services 24H2
Hello everyone, I'm having an issue with a bank to access my location with Edge. I manage the pcs with intune and if i open the location to everything it's working but when i keep only Microsoft Edge in the one to have access to my location it stop working, what im doing wrong??? Thanks for your help. here is my config:
