Forum Widgets
Latest Discussions
Feature Update Policy relationship to Update Ring Install Schedule
Hoping someone may be able to answer this question. I have not been able to find a definitive answer in KBs. Does the Install Schedule in an Update Ring also apply to Feature Update Policies if the same device group is assigned to both? We are using Intune Windows Update Ring for our monthly updates via an Update Ring. That update has an Install Schedule configured to Install every Tuesday at 11am. We are testing using Feature Update Policies to upgrade W10 devices to W11. So far our tests have been successful but the device group is downloading the Feature Update as soon as it checks in for the Policy and not at this scheduled Install Day/Time in the Update Ring. We are making this a Required update in the Feature Update policy and the Rollout Option is set to "Make Update available as soon as possible" but I guess I thought the Install Schedule in the Update Ring still affected when the installation actually begins. Are the RollOut Options the only way to schedule when the device starts downloading/installing the Feature Update?Podcast Microsoft Ignite E05: Agent Builder
Excited to have Pascal Brunner join me in my Ignite series, where we dive into one of the hottest announcements AgentBuilder In this episode, we break down: -What AgentBuilder is all about. -How it empowers organizations with AI-driven automation. -Key takeaways YOUTUBE https://youtube.com/@shadykhorshed?si=c8CLxoCjMfUMfA19New Blog Post: Android: Browser Access to be Enabled by Default for All Android Users
🔐#Android in #msintune: Upcoming Security Update for Microsoft Entra ID on Android! Starting July 2025, Microsoft Entra ID device registration will be hardware-bound, enhancing security and automatically enabling browser access. 🚀 Key Changes: ✅ Device identities will be tied to hardware for stronger security. ✅ Enable Browser Access (EBA) will be retired. ✅ Browser access will be enabled by default during registration. 📌 No action needed—this change will be applied automatically! Stay informed and prepare for a more secure device registration process. #MicrosoftIntune #MicrosoftEntraID #Android #mvpbuzz https://www.linkedin.com/pulse/microsoft-entra-browser-access-enabled-default-all-android-khorshed-5d8ee?utm_source=share&utm_medium=member_ios&utm_campaign=share_via
Intune for BYOD mobile and Cross tenant compliance
We have 3 separate companies/tenants, and employees need to access mail from each tenant on a single iOS/Android device, with a CA policy requiring compliance or app protection policy. . I understand that Intune MAM currently will not work, but is on the road map for later this year for iOS (not sure on Android) Does Web based / JIT for BYOD work on iOS if I setup Cross-tenant access and enable "Trust compliant devices" trust setting? Or do we have to do full device based MDM enrollment? If not, what do I need to do in this scenario?
Intune/Android - Managing FRP when offboarding devices
Hi everyone, I have this issue with device lifecycle. We use the "FactoryResetDeviceAdministratorEmails" property to enforce certain accounts to be able to recover a device after factory reset, or prevent it from being owned by someone else. But now we have a small issue. What if the device is being sold to someone else? What is the correct way to remove "FactoryResetDeviceAdministratorEmails" from a device before starting a wipe/decommission for a different purpose?No PIN / No Access
Hi All I hope you are well. Anyway, on Android Enterprise Fully Managed devices, I have an ask to to enforce a No PIN No Device Access policy. These devices have the usual, where the PIN requirements are set with a device config policy and then checked with a corresponding compliance policy. But no where can I see "restrict use of the device til a PIN is set" setting. Perhaps it's really obvious but is this possible? Only obvious option I can is in the compliance policy settings on Actions for noncompliance as below: Would this be the appropriate setting or are there others? And if the device is locked, is the user able to set a PIN? Info appreciated. SKAndroid Screen Off if possible!
We have the "Time to Lock screen" set to 1 minute, which is fine, but it stays on the lock screen draining the battery, how do i set the screen to turn off without having to press the power button? i cannot find this in any settings? this sounds like a Basic feature to have! Using a Samsung A9+ Thanks.
Onboarding Devices
Hello, I have a question regarding our Business Premium license. I connected three test devices to Intune, but since these users use BYOD (Windows 11 Home), I did not connect them to Azure AD. I am unsure why these devices are not onboarding, while only my cellphone has successfully onboarded after I installed Defender directly. If the problem is a Business Premium license, what is the best solution to manage users in Defender? Any advice would be greatly appreciated. Thank you.
"Change Primary User" On Device in Intune is Greyed Out
I am an IT Administrator and have all the permissions to manage my businesses Microsoft 365 accounts including Intune. When trying to update and change to primary users for devices in Intune, it is greyed out and doesn't allow me to change it. I need to get this resolved so we can properly have all devices showing the correct users. How can I get this resolved? I've uploaded a screenshot to this message.Intune Settings Catalog - Microsoft Edge - What setting works?
Under the Edge section of the Settings Catalog, we have this: Similar child settings... Similiar description... Only one configuration in the Edge documentation (Microsoft Edge Browser Policy Documentation | Microsoft Learn) Settings in the documentation of course don't reference what is in the Intune settings....not frutstrating at all. So which one works? Or do both work?
