MVPs on manageability: reflections from the MVP Summit
Event details
The MVPs are back!!! By popular demand, Danny and Steve host another roundtable of Microsoft Most Valuable Professionals (MVPs). Join some familiar faces (and perhaps some new ones) as the gang breaks down the 2023-2024 management landscape. Get ready for insights and opinions about what’s ahead for endpoint managers, with developments such as Copilot for Security and the Intune Suite providing fresh fuel for what will definitely be a lively discussion. And, don't forget, we're taking your questions and comments live so post them early and often!
Post your questions in the Comments below early and throughout the broadcast.
Bookmark https://aka.ms/UnpackingEndpointManagement for links to previous episodes on demand and details on upcoming episodes.
25 Comments
- Char_Cheesman, Bronze Contributor
That concludes our Unpacking Endpoint Management for today. We’ll be back next month!
In addition to the questions posted on this page, we also answer questions posted in reply to the event on LinkedIn and X (Twitter) -- as well as open questions in the Intune community. Here are the questions we answered today:
From Tech community -- I want to automatically register my computers in Intune. The computers are already in a local domain and registered in Entra. I’ve enabled automatic registration in Azure and Intune but I’m encountering an error that seems to direct me to a hybrid configuration joined with Entra. I’ve noticed that the hybrid join option is a temporary status that we shouldn’t maintain for an extended period. Is this accurate? - answered at 7:30
From Tech community -- I'm relatively new to admining Intune. I have been set a task to create a policy that excludes users from using any M365 resources on their personal mobile phones. I am hitting a wall with how to achieve this. Any help would be appreciated. - answered at 17:45
From LinkedIn -- Hi guys, please share your idea of the best enrollment type to enroll bulk devices to Intune. These are Windows devices already joined to Active Directory. - answered at 31:55
From LinkedIn -- How does Autopilot work in hybrid joined scenarios? - answered at 42:30
From LinkedIn -- Can we talk about keeping our Autopilot applications up to date? - answered at 46:40
From LinkedIn -- If I remove a hybrid-joined Intune compliance device from on-prem AD, will it also be removed from Intune or only from Azure AD? - answered at 48:25
From LinkedIn -- Is anyone managing Windows 365, single and multi-session remote desktops with Intune? Best practices? Recommendations? - answered at 49:15
From LinkedIn -- Does Intune driver management manage BIOS firmware updates as well? - answered at 50:45
From LinkedIn -- What's the best way to forcefully push policy to a device? - answered at 51:30
- dervin1708, Copper Contributor
What is the easiest way to clean up old devices, whether they are iPhones, Windows, or Macs?
- Nigel, Iron Contributor
How common is Autopilot into Comanagement? We are seeing issues with using a task sequence, with ProvisionTS, where the task sequence is not respected during ESP, and continues beyond the User ESP on the desktop. We are seeing conflicting verbiage in the material for using the Intune override settings.
- Noufalnfl, Copper Contributor
Hybrid joined Windows 10 and 11 devices: BitLocker silent encryption is not working; receiving error events: "Group policy prevents you from backing up your recovery password to Active Directory for this drive type. For more info, contact your system administrator."
- Ryan_Jones2340, Copper Contributor
When deploying applications (Win32 apps) via Intune, the application can take a while to sync down to the machine and install. We can use the sync buttons within the machine and on the management page to sync the machine quicker; however, we find that the application can still take 15 to 20 minutes to download and install. Is there a way, other than using Company Portal, to instantly install applications to machines?
- Char_Cheesman, Bronze Contributor
Thanks for participating in today's episode of Unpacking Endpoint Management! For reference, the panel covered this topic at around 33:10.
- Hi James/Johannes and Danny :)!
- VaishnavK1993, Brass Contributor
Did 'Auto-update available with Win32 app supersedence' (Latest Intune update on version 2404) make any difference with the Enterprise Catalog App, which already has the same upgrade capacity?
- Char_Cheesman, Bronze Contributor
Thanks for participating in today's episode of Unpacking Endpoint Management! For reference, the panel covered this topic at around 30:45.
- It seems to me that moving away from ADDS won't fit all businesses out there, whether they're public or private. ADDS itself hasn't been "updated" or gotten great features compared to what the cloud-based scenario has given, and on top of that MDI (Microsoft Defender for Identity) can fill in the gaps when it comes to having a hybrid environment with ADDS and other requirements. From a daily basis project standpoint perspective, PLANNING is the answer. However, having SCCM (co-managed or not) or with CMG and other security vendor features altogether increases the chances of a business not being able to move to a modern-workplace scenario (Entra ID joined only, which helps to lift and shift device deployment and management with a ZTA approach), and here I've seen the majority of the biggest challenges.
- SkipToTheEndpoint, Brass Contributor
Actually turning off on-prem AD is on the roadmap of very few customers I speak to. Hybrid Identity is likely to persist for a decent amount of time. The actual blockers to still aiming for cloud-native devices are still relatively small, and that's the real goal. You can't modernise in a vacuum, and a business needs to assess everything else too, from applications, network equipment, where data is stored, as well as processes that tie into those things.
- Simon_S, Copper Contributor
What's the best approach to provisioning Multi-User devices in a Hybrid scenario, as Self-Deployment Autopilot is not an option for Hybrid devices? Unfortunately there are some environments that have legacy applications that still use device-based auth (stopping us from deploying Entra ID only devices), and tight budgets mean delivering those applications using a remote app is not a viable option. Some of the documentation (be it a few years old) seems to suggest using user-driven Autopilot with something like a DEM account to get the device Autopiloted in a Hybrid state, then removing the primary user from Intune... but this seems clunky and isn't specifically outlined in the docs as supported.
- Char_Cheesman, Bronze Contributor
Thanks for participating in today's episode of Unpacking Endpoint Management! For reference, the panel covered this topic at around 25:05.
- NoNotMe, Iron Contributor
What is your preferred method for unattended remote access to endpoints managed by Intune, given that Remote Help does not support unattended access?
- Char_Cheesman, Bronze Contributor
Thanks for participating in today's episode of Unpacking Endpoint Management! For reference, the panel covered this topic at around 16:15.