Forum Widgets
Latest Discussions
Android Devices Not Evaluating
Hi All! I seem to encounter this kind of error several times a year for no apparent reason. It mainly happens on the Android side of things on newly created setups, and then corrects itself over time, which sometimes can be weeks. I recently created two Android dedicated device environments. Dynamic group linked to the enrolment profile name, etc etc I scan the device and follow the normal process, device get all the way to the end but doesn't receive its assigned apps. When I check in the Intune Admin Portal, the device is showing as not evaluated. There is no default compliance policy showing and its custom policy. When I click on Managed Apps, the list of apps the device is going to receive are showing as pending install. The Group Membership tab shows the correct dynamic group. So for me, the setup looks good. I have left the device for 24 & 48 hours in case its a sync issue. Enrolled the device via a different WiFi. Wiped the device and left it 24 hours before enrolling it. Checked spelling of groups etc. Anyone else experienced this issue, and found a solution? I have a Teams Meeting with our external support tomorrow, Have a good onePlease explain custom configuration policy oma-uri settings.
I have tried and tried to understand custom config policies. I have read every document Microsoft has on the topic and I have walked away with less understanding than I started. I have never been able to get it to work. I don't understand the premise. I keep having to search for examples but most don't work and most don't detail why or how to get working. It is like Microsoft spent more time not documenting it than just telling us what to do. So please someone can you dumb it down a whole lot? I really want to understand it but I'm just giving up and need a boost to try again.
How to Disable a reboot policy
I created a reboot policy via intune. I set the devices to restart every Tuesday morning at 5. Now the problem is that policy is no longer needed but even after deleting the policy I can’t get rid of it. My machines are still restarting Tuesdays. I went in like some suggested and created a new policy and set the restart time to 0000-00-00T00:00:00Z. I applied it to a few test pcs but I get a failed status for all the pcs. When I go into the policy the error type is 2 and the error code is 65000. Has anyone had a similar issue with disabling a reboot policy?
Cloud PKI SCEP
Hello All, I have setup steps to utilise cloud PKI to issue SCEP certificate to users so they can be used for email security (SMIME). Root and intermediary setup in cloud PKI successfully and configuration profiles for both setup and both are deployed successfully to test devices. When it comes to the SCEP profile, It has also been deployed but no success status showing yet in the report and issuing certificate not showing any leaf certificates. No errors are currently showing and report just says pending. Any Idea what is causing the delay or how to investigate? Thanks in advance.
iPhone setup issue - company portal issue
Hi I have a user who cannot set their phone up. It's all been provisioned ok, but the user cannot set their iPhone up. When they sign into the company portal on the iPhone, it says their credentials are incorrect. She is using her company e-mail address and password, and we know her credentials are ok, as we've tested them signing into her Microsoft account. But company portal on her iphone keeps saying her credentials are incorrect. Can anyone offer any advice? Many thanks Andy
Windows Autopilot Pre-Provisioning (White-glove)
Hi, Does anyone can help what would be the cause of the issue with Windows Autopilot Pre-Provisioning (White-Glove)? We did assign user & grab device hash then deployed to autopilot group. The computer process set up complete properly, device RESEAL. However, we faced issue when we start up the laptop at the login OOBE screen we didn't see the assign user appear? I used to see the login page user UPN already attached, it is just waiting user to put the password only. In my case, the sign in ask user to enter their UPN. Is there any suggestions? Note: Windows 11 23H2, and Windows 11 24H2 through the same behaviour. Thanks, Phearin
Removable Media settings tattooed to device
Hello, I created a policy to block USB Removable Media in Configurations > Templates > Device Restrictions > General to block Removable storage, which successfully blocks USB access. However, removing this setting does not revert the block. I noticed the following registry key is created in the device: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices] "Deny_All"=dword:00000001 "MDMRegSet"=dword:00000001 "RebootTimeinSeconds_state"=dword:00000001 "RebootTimeinSeconds"=dword:0000012c Is this the correct registry location for this setting? Even after manually deleting the key, USB access remains blocked. After a reboot, the registry key reappears, even though the policy is no longer assigned to the device in Intune. Can anyone confirm if this is the only registry entry involved, or if additional steps are required to fully remove the restriction? Thanks!
