Forum Widgets
Latest Discussions
Set Edge as the default browser on Android
Is it possible to use Intune to set Edge as the default browser app for an Android fully managed device? We have an app that goes through an SSO process and uses the default browser for that. The SSO process will fail if the default browser is set to Chrome, but will work when the default browser is set to Edge. The "Restrict web content transfer with other apps" setting doesn't seem to help in this instance. Any suggestions would be appreciated & thanks in advance.GRAPH - Add/remove user to distribution list
Good evening, for about a week, through a small program that uses graph api, the addition / removal of users from distribution lists no longer works; do you have any idea why? I have many processes that use graph api and they never gave me problems; we thought it was a temporary problem, but after a week it still doesn't work (attached the error)
Uninstalling printer queues
Hello, We are going to migrate from shared printers on a server to a new system. We need to delete all the printer queues which are \\server\printer01/02/03.... I tried using remediation script with no luck. Here is the detection part : # Recherche des imprimantes correspondant aux motifs IM?? ou CANON_* $printers = Get-Printer | Where-Object { $_.Name -like '\\server\IM*' -or $_.Name -like '\\server\CANON_*' } if ($printers) { #Write-Output "Imprimantes détectées :" #$printers | ForEach-Object { Write-Output $_.Name } exit 1 # Code de sortie 1 = imprimantes trouvées } else { #Write-Output "Aucune imprimante correspondante trouvée." exit 0 # Code de sortie 0 = aucune imprimante trouvée } and here is the remediation part : # Supprimer les imprimantes contenant "IM" ou commençant par "CANON_" $printersToRemove = Get-Printer | Where-Object { $_.Name -like '\\server\IM*' -or $_.Name -like '\\server\CANON_*' } foreach ($printer in $printersToRemove) { try { Remove-Printer -Name $printer.Name -ErrorAction Stop # Write-Output "Imprimante supprimée : $($printer.Name)" } catch { Write-Output "Erreur lors de la suppression de : $($printer.Name) - $_" } } And the settings : SettingsDetection script YesRemediation script YesRun this script using the logged-on credentials YesEnforce script signature check NoRun script in 64-bit PowerShell No If I test the scripts locally, it works. Any ideas? ThanksFeature Upgrade W11 24H2 not pushing why?
Hi, community i create a feature upgrade to 24H2 who is Rollout immediate start,i have computer who are already either in 21H2/22H2/23H2, and also W10 who are W11 readiness. I dont understand why some are passing a lot of others are still stuck in there build. last thing that i want it's to do a in place upgrade. Is there someone in the community who have the same issue and any solution that i can push for my hundreds of laptop who are stuck. thank you so much for your help it will be a lot :)Deploying Script as Win32 App
Hi all, I created a script that is supposed to check if a certain app was installed from a managed installer, then create a file in the C:\Temp folder if it was installed from a managed installer. I would deploy this as a Win32 app so that I could use the detection rules in the Win32 App deployment to check which device was installed via a managed installer. However, it doesn't seem to work. I created a transcript log as well to check if I would get an output from the variables, but it seems to only run the else block in the If Statement. We use a Business Premium license, so I don't access to Enterprise license capabilities like proactive remediation scripts. It is run using the System credentials, I've tested the script locally which works. Thank you, I've included some images of the script and transcript log. Script: Transcript Log Output:We’re running into an Intune issue where a Win32 app with a dependency sits at "Download Pending"
Setup: Main App: Installs in User Context Dependency: Installs in System Context Dependency Detection: Hosts file modification detection script Direct file detection does NOT work either When the hosts file modification is present (detection is met), detection works, and everything installs fine manually The Problem: If detection passes (exit 0) → Everything installs fine. If detection fails (exit 1) → Intune never moves forward, just stays at "Download Pending" indefinitely. Happens with both file-based detection and script-based detection. Dependency app as well at parent app install fine via Intune on their own as well as manual testing. What We Need to Know: Does Intune get stuck in "Download Pending" instead of moving forward when dependency detection fails? Could the install context mismatch (dependency in SYSTEM, main app in USER) be causing this? Myth or fact? Does Intune break the install process if a dependency app is in system context and the parent app is in user context? Again, both apps work fine independent of each other. Thanks for any help!Subject: Best Practices for Aligning UPNs in Hybrid Entra ID + Intune Environment
Hello, I’m seeking guidance on best practices for aligning user identities in a hybrid Microsoft 365 environment, particularly regarding UPN consistency and device enrollment into Intune. Environment Overview: Client is using a hybrid Azure AD join setup via Entra ID Connect (formerly Azure AD Connect). Devices are domain-joined and enrolled into Microsoft Intune via Group Policy (GPO). Entra ID Connect sync is active with write-back where appropriate. On-premises UPN format: username@domain.local (or .xxx) Entra ID / M365 UPN format: email address removed for privacy reasons (e.g., routable custom domain) Issue: Devices are intermittently failing to enroll into Intune or are not showing up as compliant/joined. Manually updating the on-premises UPN to match the Entra ID UPN (email address removed for privacy reasons) seems to resolve the issue, but this is not yet standardized across the org. It's unclear whether this mismatch is breaking hybrid join and/or interfering with automatic MDM enrollment via GPO. Questions: What is Microsoft’s current best practice regarding UPN alignment between on-prem AD and Entra ID in a hybrid environment? Is it mandatory or strongly recommended to match the on-prem UPN to the Entra UPN (especially when using automatic Intune enrollment)? Could this mismatch be contributing to MDM enrollment issues, and if so, what is the correct process to fix it in bulk? Are there any known caveats or dependencies when changing the UPN on-prem (e.g., impact on Outlook profiles, cached credentials, etc.)? Is there a supported or recommended PowerShell method to audit and align UPNs safely? Goal: We're aiming for consistent, reliable hybrid Entra join with automatic Intune enrollment and minimal end-user disruption. Any insight or guidance is appreciated, especially if there’s documentation or field experience to support it.
Autopilot deployment app count jumping around
Hi All! Just a quick post for some clarification. We have multiple Intune deployments for different clients and something we have noticed on at least two of them in the past few days is during the App deployment for autopilot we are noticing that the app count seems to jump around a bit. For example we had a deployment that was on the account setup stage on 5 out of 7 apps, I check it again a couple minutes later and for some reason it is now on 4 out of 7 apps installed. Sometimes it jumps up and down between those two app installs. It does not happen every single time but just wanted to know if anyone else has experienced this? The deployment generally still goes through but just want to to try and find a cause to address before it becomes an issue. Also note that the continue anyway button also shows up despite the deployment still being active sometimes. Thanks in advance!
Autopilot/Intune Devices not connecting
So I've got my intune configured with basic policies, I've used a script to pull the hashes and upload to Autopilot. I've got Auto Enrollment setup for the groups I need, Deployment Profile and Enrollment Status page set. I cannot get past the login screen on the devices themselves. They are taking the hostname syntax that is setup in the Deployment profile, so I know they're at least reaching Intune initially. I'll login on the device and it'll ask me to select the profile of the user, but then it gets to the spinning screen and stays there, for up to 12 hours I've tried. I am struggling to figure out what is going on, why these devices won't register into Entra and Intune. MDM in Entra is also sync'd with Intune. I've put all the recommended policies on the firewall in place to ensure it can talk to the cloud. It's not showing anything in the Enrollment logs under monitor. I'm able to join these if I create a local profile on the device, and then Access work or school, but I'm trying to have it so they show up as corporate devices and everything is as it should be. Any and all help / suggestions are greatly appreciated!
