Event details
18 Comments
Thank you guys! 👏
Hi, When Intune will get possibility to use Custom Attributes in dynamic Policy assignment for App policy deployment or script policy deployment?
I have a production ADE profile, and I recently created a new one to test LAPS. The new profile works, but my question is: should I move all my devices to this new ADE profile, or is there a better approach?
I also set the new profile as the default enrollment profile, but when I wipe a device, it still receives the ADE profile to which it was originally assigned.
You will have to manually assign to the new profile as automatic assignment only happens on newly synced devices.
IntuneMyMac has the Company Portal install via one of their scripts. Will this work for ADE with PSSO, or do I need to have it as a LOB App?
I deploy via LOB, but either will work.
Usually via script is a little faster which is why they have it in IntuneMyMac, but personally not seen much difference in install speed and preferer to have visibility of all my apps outside scripts.
Can you use the setup assistant panes for enrolling shared devices without user affinity? (bigger use case for shared Education devices)
Can you deploy Apps as available to devices enrolled without user affinity?Hi, Have you been able to enable Platform SSO during ADE enrollment?
We have tried but we're never able to go past the 'sign in to your organization'
We enter our creds and it fails.
We have been using SSO post enrollment without issues for months
Thkslalanc01 have a look at his link, useful resource.
https://intuneirl.com/psso-just-got-smarter-platform-sso-in-macos-setup-assistant-a-deep-dive/
If you still have issues ping me and I may be able to help.Have it working with multiple client including registration during setup.
What are you using secure enclave, password, etc?
Does macOS have a BitLocker To Go equivalent we can manage through Intune? If not, how do we encrypt/manage removable media please?
FieVault can automatically be enabled during setup and key held in Intune, you can also set a recovery options key which I would recommend.
You can use FileVault to encrypt removable media, not sure now it could be done automatically from Intune, but worst case you could use a script.,Thank you Nick 🙏
Also we have found lots of Intune managed settings for Edge on macOS - but barely anything for Safari. How do we manage Safari settings via Intune please?
- Heather_Poulsen
Community Manager
Welcome, everyone, to our June #IntuneForMSPs community meetup. If you have questions at any time during today's session, please post them here in the comments. We'll have time for Q&A at the end of Ugur's presentation.
We are an entirely Intune managed Windows environment, and just starting our Intune managed macOS journey. Really loving how fast macOS builds (ADE/new PSSO) 🥳. One challenge we're facing is the pre-installed macOS apps cannot be uninstalled (where we can uninstall the Store apps on Windows). Other apps install bypassing elevation (same issue as on Windows - e.g. Chrome, Firefox, Zoom etc.). What is the best way through Intune (or other methods) to prevent apps from installing and running on macOS please (ideally using a blocklist)?
