Forum Widgets
Latest Discussions
Time Zone configuration profiles and policies
Hello, I'm trying to find out the way to control "automatic time zone change" option to allow users to turn it off or on. On the Intune side there is a configuration profile using OMA-URI settings ("./Device/Vendor/MSFT/Policy/Config/UserRights/ChangeTimeZone" with string "LOCAL SERVICEAdministratorsUsers"). This one controls whether user can change the Time Zone manually in the Control Panel (the old school way) and it also reflects in the Settings when the "Set time zone automatically" is turned off however we have some users that have this option greyed out and I have not found a way how to change this from the Intune side. Users are normally standard users and they do not have administrative rights by default but they should be able to change some of the settings when they invoke "elevation mode" eg in the 1st picture below if I would switch "Set time zone automatically" on I would be presented with authentication dialog and after authentication the setting would turn on. 1st case - user can change the "set time zone automatically" option on/off but is not in the group that is allowed to manually change the time zone hence it does not even show the time zone choices (this reflects the configuration profile mentioned above) 2nd case - user can change the "set time zone automatically" option on/off and is in the group that is allowed to manually change the time zone => shows additional options Time Zone and DST. 3rd case - user can not change the "set time zone automatically" option at all means can't change the TZ or DST in Settings, but is able to change time zone via Control Panel (see below) And the question for the million $$$ 🙂 is if or where is the option / configuration that makes the "Set time zone automatically" greyed out. Any ideas? ThanksPavelDuda1455Jun 21, 2025Copper Contributor67Views1like1CommentWe’re running into an Intune issue where a Win32 app with a dependency sits at "Download Pending"
Setup: Main App: Installs in User Context Dependency: Installs in System Context Dependency Detection: Hosts file modification detection script Direct file detection does NOT work either When the hosts file modification is present (detection is met), detection works, and everything installs fine manually The Problem: If detection passes (exit 0) → Everything installs fine. If detection fails (exit 1) → Intune never moves forward, just stays at "Download Pending" indefinitely. Happens with both file-based detection and script-based detection. Dependency app as well at parent app install fine via Intune on their own as well as manual testing. What We Need to Know: Does Intune get stuck in "Download Pending" instead of moving forward when dependency detection fails? Could the install context mismatch (dependency in SYSTEM, main app in USER) be causing this? Myth or fact? Does Intune break the install process if a dependency app is in system context and the parent app is in user context? Again, both apps work fine independent of each other. Thanks for any help!gladdin123Jun 21, 2025Copper Contributor199Views1like2CommentsSubject: Best Practices for Aligning UPNs in Hybrid Entra ID + Intune Environment
Hello, I’m seeking guidance on best practices for aligning user identities in a hybrid Microsoft 365 environment, particularly regarding UPN consistency and device enrollment into Intune. Environment Overview: Client is using a hybrid Azure AD join setup via Entra ID Connect (formerly Azure AD Connect). Devices are domain-joined and enrolled into Microsoft Intune via Group Policy (GPO). Entra ID Connect sync is active with write-back where appropriate. On-premises UPN format: username@domain.local (or .xxx) Entra ID / M365 UPN format: email address removed for privacy reasons (e.g., routable custom domain) Issue: Devices are intermittently failing to enroll into Intune or are not showing up as compliant/joined. Manually updating the on-premises UPN to match the Entra ID UPN (email address removed for privacy reasons) seems to resolve the issue, but this is not yet standardized across the org. It's unclear whether this mismatch is breaking hybrid join and/or interfering with automatic MDM enrollment via GPO. Questions: What is Microsoft’s current best practice regarding UPN alignment between on-prem AD and Entra ID in a hybrid environment? Is it mandatory or strongly recommended to match the on-prem UPN to the Entra UPN (especially when using automatic Intune enrollment)? Could this mismatch be contributing to MDM enrollment issues, and if so, what is the correct process to fix it in bulk? Are there any known caveats or dependencies when changing the UPN on-prem (e.g., impact on Outlook profiles, cached credentials, etc.)? Is there a supported or recommended PowerShell method to audit and align UPNs safely? Goal: We're aiming for consistent, reliable hybrid Entra join with automatic Intune enrollment and minimal end-user disruption. Any insight or guidance is appreciated, especially if there’s documentation or field experience to support it.chrisgleason78Jun 21, 2025Copper Contributor19Views0likes1CommentSet Edge as the default browser on Android
Is it possible to use Intune to set Edge as the default browser app for an Android fully managed device? We have an app that goes through an SSO process and uses the default browser for that. The SSO process will fail if the default browser is set to Chrome, but will work when the default browser is set to Edge. The "Restrict web content transfer with other apps" setting doesn't seem to help in this instance. Any suggestions would be appreciated & thanks in advance.Mibo44Jun 20, 2025Copper Contributor48Views0likes1CommentGRAPH - Add/remove user to distribution list
Good evening, for about a week, through a small program that uses graph api, the addition / removal of users from distribution lists no longer works; do you have any idea why? I have many processes that use graph api and they never gave me problems; we thought it was a temporary problem, but after a week it still doesn't work (attached the error)micheleariisJun 20, 2025Steel Contributor15KViews0likes6CommentsUninstalling printer queues
Hello, We are going to migrate from shared printers on a server to a new system. We need to delete all the printer queues which are \\server\printer01/02/03.... I tried using remediation script with no luck. Here is the detection part : # Recherche des imprimantes correspondant aux motifs IM?? ou CANON_* $printers = Get-Printer | Where-Object { $_.Name -like '\\server\IM*' -or $_.Name -like '\\server\CANON_*' } if ($printers) { #Write-Output "Imprimantes détectées :" #$printers | ForEach-Object { Write-Output $_.Name } exit 1 # Code de sortie 1 = imprimantes trouvées } else { #Write-Output "Aucune imprimante correspondante trouvée." exit 0 # Code de sortie 0 = aucune imprimante trouvée } and here is the remediation part : # Supprimer les imprimantes contenant "IM" ou commençant par "CANON_" $printersToRemove = Get-Printer | Where-Object { $_.Name -like '\\server\IM*' -or $_.Name -like '\\server\CANON_*' } foreach ($printer in $printersToRemove) { try { Remove-Printer -Name $printer.Name -ErrorAction Stop # Write-Output "Imprimante supprimée : $($printer.Name)" } catch { Write-Output "Erreur lors de la suppression de : $($printer.Name) - $_" } } And the settings : SettingsDetection script YesRemediation script YesRun this script using the logged-on credentials YesEnforce script signature check NoRun script in 64-bit PowerShell No If I test the scripts locally, it works. Any ideas? ThanksDavid42frJun 20, 2025Copper Contributor22Views0likes1CommentFeature Upgrade W11 24H2 not pushing why?
Hi, community i create a feature upgrade to 24H2 who is Rollout immediate start,i have computer who are already either in 21H2/22H2/23H2, and also W10 who are W11 readiness. I dont understand why some are passing a lot of others are still stuck in there build. last thing that i want it's to do a in place upgrade. Is there someone in the community who have the same issue and any solution that i can push for my hundreds of laptop who are stuck. thank you so much for your help it will be a lot :)Eric_Davignon1Jun 20, 2025Copper Contributor45Views0likes1CommentDeploying Script as Win32 App
Hi all, I created a script that is supposed to check if a certain app was installed from a managed installer, then create a file in the C:\Temp folder if it was installed from a managed installer. I would deploy this as a Win32 app so that I could use the detection rules in the Win32 App deployment to check which device was installed via a managed installer. However, it doesn't seem to work. I created a transcript log as well to check if I would get an output from the variables, but it seems to only run the else block in the If Statement. We use a Business Premium license, so I don't access to Enterprise license capabilities like proactive remediation scripts. It is run using the System credentials, I've tested the script locally which works. Thank you, I've included some images of the script and transcript log. Script: Transcript Log Output:zacJun 20, 2025Copper Contributor33Views1like1CommentIntune not deploying correct M365 Version
Hi, we deploy alle the M365 via Intune. In Intune itself my PC Name is shown as "installed", like all the of rest. For some reason Office on my PC is on Version 2308 instead of 2408. I cannot figure out why. Any ideas?heinzelrumpelJun 20, 2025Copper Contributor61Views0likes2CommentsAutopilot deployment app count jumping around
Hi All! Just a quick post for some clarification. We have multiple Intune deployments for different clients and something we have noticed on at least two of them in the past few days is during the App deployment for autopilot we are noticing that the app count seems to jump around a bit. For example we had a deployment that was on the account setup stage on 5 out of 7 apps, I check it again a couple minutes later and for some reason it is now on 4 out of 7 apps installed. Sometimes it jumps up and down between those two app installs. It does not happen every single time but just wanted to know if anyone else has experienced this? The deployment generally still goes through but just want to to try and find a cause to address before it becomes an issue. Also note that the continue anyway button also shows up despite the deployment still being active sometimes. Thanks in advance!malderton95Jun 19, 2025Copper Contributor78Views1like2Comments
Resources
Tags
- Intune4,139 Topics
- mobile device management (mdm)2,225 Topics
- Mobile Application Management (MAM)819 Topics
- Conditional Access446 Topics
- Software Management440 Topics
- Graph API238 Topics
- Azure Friday163 Topics
- Autopilot111 Topics
- android70 Topics
- ios58 Topics