Event banner
Event details
42 Comments
Is there a known issue when trying to restrict what user can enroll devices into Entra? When I set the device enrollment to a dynamic group of users, the end user is not able to enroll a new AADJ device as they get a message saying they do not have permissions to do so. If I set the "Join device to Entra" to all users, then it works. I confirmed the user is in the dynamic group and correctly licensed when they got the error.
- Jason_Sandys
Microsoft
I'm not familiar with any specific issues on this configuration. I suggest opening a support case to investigate and validate further.
Right now our devices are hybrid joined. If the devices were only joined to the cloud (Entra/Intune), how would that affect accessing on-prem servers that are part of an AD domain?
- Pearl-Angeles
Community Manager
For reference, the panelists covered this topic around 11:58. Thanks!
- Jason_Sandys
Check out How SSO to on-premises resources works on Microsoft Entra joined devices - Microsoft Entra ID | Microsoft Learn for a lot of details on this.
Would going from hybrid to cloud joined devices, would that change the security landscape?
- Jason_Sandys
The move to cloud-native Windows is closely tied with and coincides with Zero Trust. Things like lateral attack vectors (including pass the hash) largely go away with cloud-native Windows along with all of the other benefits of Zero Trust.
Is there a way to remove an Apple DEP connector? We had one connected, but we let it expire and we don't need it anymore. I've not been able to delete the old entry out of Intune.
- benjamin_flamm
Do you mean the enrollment token under Devices > Enrollment > Enrollment program tokens? Steps and requirements to do that are here: https://learn.microsoft.com/en-us/mem/intune-service/enrollment/device-enrollment-program-enroll-ios#delete-an-automated-device-enrollment-token-from-intune. Hope that helps!
- Heather_Poulsen
Welcome to the “Cloud native with Microsoft Intune” AMA at Microsoft Technical Takeoff! Let's get started. Please post your questions here in the Comments. We will be answering questions in the live stream—and others will be answering here in the Comments.
If there are conflicting settings in 2 different policies, intune tells you there is a conflict, is there a current way to see which the 2 policies are that contain the conflicting settings?
- Pearl-Angeles
Thanks for your question! For reference, the panelists covered this topic around 3:34.
Any plans to implement "Remote lock" feature for Windows devices?
- Pearl-Angeles
Thanks for your question! The panelists covered this topic around 5:09, in today's AMA.
Good question, I believe it will a good feature for us.
- Joe_Lurie
KaranS340 I answered this question in the Frontline worker session as well, but in case you missed it, we do not have plans today to implement Remote Lock on Windows devices, but it's feedback that we've heard. Please go to https://aka.ms/IntuneFeedback and upvote (👍) the feedback. Here is a direct link to that feedback.
