Event banner
Event details
104 Comments
- 1. previously when we do a fresh start to let another staff member to enroll via the autopilot once again (since we can't change the enrolled user and give them admin level) instantly. I believe that machines membership does not get removed. So on a fresh start shouldn't it remove the group memberships of that machine when someone signs into the redeployed machine they do not have those memberships intact. Are we missing a procedure in re-deploying machines to other staff members? 2. when they do a fresh start can we specify to have it download the latest version of the Windows OS?
- We have noticed this too, so would be interested to know too please
- Should I be concerned if the ESP is white sometimes and blue in others?
- Hung_Dang
Microsoft
The ESP has a blue theme in Win10, and a white theme in Win11. That's normal and expected. Hope this helps, Eyad. Have a great day!
- Recently in company we encounter following problem User got autopiloted device but because we use region attribute to assign correct profiles and user get wrong region his device has not been fully autopiloted. Device has not been added into intune(only AAD joined) so was not manageable but user do not have administrator rights. Local administrator disabled. to reset this PC it require administrator right. How to troubleshoot such scenario?
- Hung_DangThis sounds like a profile targeting problem. I'm not sure what "region attribute" means here, but that's where I'd double-check that it got assigned correctly to the right user/device. If you still can't find the root cause, consider filing a support case on the Intune portal. Hope this helps, Kamil. Have a great day!
- Is there a place where Microsoft lists all the policy (Group Policy and Intune) settings they are planning to make obsolete please? A few times now settings have gone obsolete and caught us out
- We track the message centre every day, but have never seen mention of individual policy settings (unless we're missing something obvious/need to enable a specific view?). Some settings in the Intune Settings Catalog have "(deprecated)" next to them and in Group Policy they disappear completely and drop into "Extra Registry Settings", seemingly without warning. So was hoping for a webpage where the individual policy settings are listed that MS are going to make obsolete with an expiry date, so we can plan ahead 🙂
Thanks for participating in today's AMA: Troubleshoot device issues with Intune! For reference, the panel covered this topic at 37:45.
- From my experience most of those updates are sent out through admin portal home->Health->Message center, but it can be overwhelming unless you change the preferences/custom view and check for "Retirement" bucket specifically (also User impact and Admin impact)
- Hybrid Azure AD Joined Device when going through Autopilot, it creates two Devices in Entra. From what I have read that is expected but wondering if that is correct and if so, is there any recommendations to identify these separately from each other.
Thanks for participating in today's AMA: Troubleshoot device issues with Intune! For reference, the panel covered this topic at 40:10.
- We have this too and have been told it is correct
- Hung_DangThis is correct. Autopilot registration precreates the Entra device object. After a device gets deployed via AP-into-HAADJ, the device object also gets created in AD, which syncs it (via the AAD Connector) to Entra during the user ESP. That's why you see two objects in Entra. To identify them, they have the same ZTDID property and have different object types. This is unfortunately a side effect of the two different infrastructures targeted (i.e., Entra by Autopilot, AD by HAADJ) and the necessity to associate them together somewhere. Hope that helps, Ryan. Have a great day!
- I know the Apple related session is coming next, but form the troubleshooting perspective it would be pretty useful to be able to use exit codes for macOS related scripts. Now Intune provide you info on script logs/device if the script ran successfully or you see it has failed. Wouldn't it make sense to be able to define exit codes to let Intune collect the output and give you the desired state in the scripts report?
Thanks for participating in today's AMA: Troubleshoot device issues with Intune! For reference, the panel covered this topic at 35:40.
We're halfway through! Keep those questions flowing and share information about use cases and scenarios you need to support. Post away in the Comments.
- I have duplicate devices Intune (Device ID's) after unenrolling and then re-enrolling under a different user. They don't appear in my devices list, only when I'm adding specific devices to a group. I search for DeviceABCD, and there are 5 different DeviceABCD's with different Device ID's, yet only one of those are active currently. Is there any way to purge those old device ID's?
- Asked last year a similar question regarding that. A switch to cleanup the AAD object when the Intune object is deleted would be more then welcome. 🙂
Thanks for participating in today's AMA: Troubleshoot device issues with Intune! For reference, the panel covered this topic at 32:45.
How do you troubleshoot errors (not conflicts) with configuration profiles, where the error tab in Intune only shows a generic 65000 error code? Sometimes there's an error type of 2. It would be helpful if more specific information was provided.
Thanks for participating in today's AMA: Troubleshoot device issues with Intune! For reference, the panel covered this topic at 31:20.
- This is the main reason I asked regarding policy conflicts 🙂
- Would it be possible to have a visual (perhaps toast?) notification confirming when Autopilot has completed for those who hide User ESP, and a way for admins to report on that please? 🙂
