Forum Discussion
gtwood
Apr 04, 2023Copper Contributor
Win32 Content Prep tool doesn't work with FIPS mode
This issue on GitHub has been languishing unacknowledged for the past three years.
Since the elder days of yore, the Win32 Content Prep tool - the only option for deploying non-MSI applications through Intune - has been unable to operate on and endpoint which has been FIPSed.
This process has caused much consternation among those of us who must, by reason of government directive, FIPS ourselves and our endpoints for the security of the nation.
I would humbly beseech those who create the great and powerful content prep tool to update it with support for FIPS so that those of us who wish to use it can do so.
GitHub Reference Link Error for Windows Platform FIPS · Issue #33 · microsoft/Microsoft-Win32-Content-Prep-Tool (github.com)
- matt-defcertCopper ContributorI am running into the same issue with quite a few clients that are required to use FIPS mode. Any help on this would be greatly appreciated.
- Pat_FettyMicrosoftHello,
Unfortunately this is 'by design' as we don't have plans on fixing the tool. The workaround for this is to run the tool on a machines/VM that is not in FIPS mode. I know for some customers this can be a pain (I am in the Intune PG and work only with Gov customers)... but at this time, this is the only option available.
Thanks,
Pat- A9G-Data-DroidCopper ContributorRunning a management system running out of FIPS mode would come up as a violation on a security audit. Having a management tool, like InTune, is required. What you are saying is that the only way to use InTune is in a non-compliant way. Which is to say that InTune should not be used in a GCC-High environment. Instead of using multiple tools for the same job this forces government customers to look for other MDM solutions for managing baseline configuration.