Forum Widgets
Latest Discussions
Cloud PKI SCEP
Hello All, I have setup steps to utilise cloud PKI to issue SCEP certificate to users so they can be used for email security (SMIME). Root and intermediary setup in cloud PKI successfully and configuration profiles for both setup and both are deployed successfully to test devices. When it comes to the SCEP profile, It has also been deployed but no success status showing yet in the report and issuing certificate not showing any leaf certificates. No errors are currently showing and report just says pending. Any Idea what is causing the delay or how to investigate? Thanks in advance.Removable Media settings tattooed to device
Hello, I created a policy to block USB Removable Media in Configurations > Templates > Device Restrictions > General to block Removable storage, which successfully blocks USB access. However, removing this setting does not revert the block. I noticed the following registry key is created in the device: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices] "Deny_All"=dword:00000001 "MDMRegSet"=dword:00000001 "RebootTimeinSeconds_state"=dword:00000001 "RebootTimeinSeconds"=dword:0000012c Is this the correct registry location for this setting? Even after manually deleting the key, USB access remains blocked. After a reboot, the registry key reappears, even though the policy is no longer assigned to the device in Intune. Can anyone confirm if this is the only registry entry involved, or if additional steps are required to fully remove the restriction? Thanks!drivesafelyApr 21, 2025Brass Contributor44Views0likes3CommentsSCCM vs Autopilot
Hi All, i hope i'am writing in the right section. i have a request but before that let me explain the goal and what i'am looking for. in My company , i passed by several migration , and i had to re-deploy machines using 2 ways , USB image and join to domain manually , or using SCCM Server thanks to PXE mode. next migration i will be using Autopilot which i'am not familiar with . the problem i'am facing is , to re-deploy machine , i had to wipe it , install an OS , and start the OS in configuration page then CTRL + SHIFT + D , and from another machine i have to go to Intinues and do lot of stufff there (' like machine tag , add autopilot etc ) and then , back to the machine to continue configuration. i find this very long , and not practical specially if i have lot of machines to deploy in the same time. my question is , is there a simple way to deploy big number of machines using with Autopilot n without doing all these steps i mentioned , i was thinking about , deploying USB image , then perform DSREGCMD /JOIN , to add machine to Azure , but i'am not sure if it is good solution. Thank you in advanceRamRam2025Apr 18, 2025Copper Contributor125Views0likes8Commentsmonitor the client certificate expiration dates
I would like to monitor the client (windows) certificate expiration dates on the clients and be informed shortly before the expire. Is this possible with Intune and can you please give me a hint how? Thanks for your supportStefan31Apr 18, 2025Copper Contributor36Views1like2CommentsWindows 11 PRO OEM on HP Devices
Hy, I have a kind of problem, our HP devices are shipped with a Windows 11 Pro OEM. We have Enterprise Mobility + Security E5 licenses which should support the upgrade process from W11 Pro to the Enterprise version, but this is not happening. Requirements: Ensure that your device is running a supported version of Windows Pro and that the user is assigned an appropriate EMS license (e.g., E3 or E5). The device must also be joined to Azure AD or hybrid Azure AD joined. The requirements are fulfilled, but still no activation after deployment using APv2. Does anyone have any ideas?SolvedBogdan_GuineaApr 18, 2025Brass Contributor117Views0likes7CommentsMicrosoft 365 - Intune Windows Autpatch
Hello, I have a Microsoft 365 Business Premium license and would like to set up Windows Autopatch. However, I’m unable to find the Windows Autopatch section under Tenant Administration. Could you please assist? Thank you in advance. Regards MarioMariol79Apr 18, 2025Copper Contributor55Views1like2CommentsPreventing a data spill from a company M365 profile to a personal M365 profile on iOS
Apologies if this has been answered elsewhere but I am struggling to understand the art of the possible here. I know that M365 iOS apps can handle multiple M365 accounts and specifically can handle a user having a work based M365 account and a personal M365 account. My question is whether you can configure Intune to mange the accounts so that the user can't accidentally or intentionally migrate data from one account to the other? Although my iOS devices are company assets and use Intune to manage app protection policies for the corporate apps (outlook and all the MS Office apps), some of my users would like to be able to also access their personal M365 accounts and be able to use the same apps specifically OneDrive and MS Office apps. Is there a way to allow this without a user opening up a file from one account and saving it, sending it, or or copying/pasting it to the other account? If this is possible could you please point me in the right direction to where I can find out more about making the appropriate app protection policies, conditional access controls and app based critical protections? Many thanks in advance!!SolvedcnewhouseApr 18, 2025Copper Contributor48Views0likes3CommentsWindows Autopilot Pre-Provisioning (White-glove)
Hi, Does anyone can help what would be the cause of the issue with Windows Autopilot Pre-Provisioning (White-Glove)? We did assign user & grab device hash then deployed to autopilot group. The computer process set up complete properly, device RESEAL. However, we faced issue when we start up the laptop at the login OOBE screen we didn't see the assign user appear? I used to see the login page user UPN already attached, it is just waiting user to put the password only. In my case, the sign in ask user to enter their UPN. Is there any suggestions? Note: Windows 11 23H2, and Windows 11 24H2 through the same behaviour. Thanks, PhearinphearinApr 17, 2025Copper Contributor58Views0likes2CommentsIntune support of WearOS
We have an application we have developed for a customer which is WearOS native and does not required a paired phone/tablet to function on a Wi-Fi capable watch/wearable. This customer's corporate team requires that all network devices be managed by Intune. Is there a timeline for Intune natively supporting WearOS management? Thank you ScottScottBurnsApr 17, 2025Copper Contributor24Views0likes1CommentLocation services 24H2
Hello everyone, I'm having an issue with a bank to access my location with Edge. I manage the pcs with intune and if i open the location to everything it's working but when i keep only Microsoft Edge in the one to have access to my location it stop working, what im doing wrong??? Thanks for your help. here is my config:Mathg76Apr 17, 2025Brass Contributor86Views0likes1Comment
Resources
Tags
- Intune4,082 Topics
- Mobile Device Management (MDM)2,202 Topics
- Mobile Application Management (MAM)813 Topics
- Conditional Access445 Topics
- Software Management434 Topics
- Graph API237 Topics
- Azure Friday162 Topics
- Autopilot109 Topics
- android68 Topics
- ios56 Topics