Unpacking endpoint management: ask Danny & Steve anything
Event details
Looking for tips and tricks to help you optimize and simplify the way you manage your endpoints? Come to this live Q&A session!
Danny Guillory and Steve Thomas are bringing their "Unpacking endpoint management" web series to Tech Community and answering your questions live about device configuration and management. Co-management, tenant attach, the cloud management gateway questions? Bring them! Blockers or struggles? Bring them!
Submit your questions during this live hour--or submit questions early (by posting a Comment below) and catch up when it's convenient for you.
82 Comments
- Heather_Poulsen
Community Manager
"Shameless plug" from Steve Thomas
A framework for Windows endpoint management transformation
- Harjit_Dhaliwal
Iron Contributor
This is a great resource, folks!
- Christian Zenzano
Brass Contributor
What issue will hybrid AD place to Windows 11 device identity? Can I get a link to the block mentioned?
- Jason_Sandys
Microsoft
Hi Christian Zenzano, can you be more specific on your question? I'm assuming it was in reference to something said in the live chat but I'm not sure what that was.
- AnnaChu
Silver Contributor
How are you liking today's session? Is this session valuable and would you like to see more product teams run Tech Community Live experiences like this? Reply in the comments, your feedback will make these sessions more useful for everyone.
- David_Swenson
Iron Contributor
Love having the ability to interact directly with the Team! Thank you for all you guys have done for the MSP community!
- David_Swenson
Iron Contributor
Making Edge the Default Browser: Is there a simple way to enforce this today on devices enrolled in Endpoint Manager? Our customers would like the ability for us to centrally control this and prevent the user from changing it back to Chrome/Firefox/Insert Name here.
- David_Swenson
Iron Contributor
Awesome! I have had trouble finding the setting. Used to be easy to find a few months ago. Can you post an example? PS we only do Intune Fully Managed these days. 😄
- mikeh14
Copper Contributor
Do you see the ability to build dynamic groups based on installed programs in the future? It would be very helpful in multiple applications if policies could target devices that are applicable to them (i.e., Adobe Reader vs Adobe Pro as a default program).
- Jason_Sandys
Microsoft
Hi mikeh14, assuming this is in reference to targeting application assignments within Intune, then no, there won't be anything specific to AAD groups since AAD has no visibility into information on managed endpoints like installed software. However, the recently introduced [Assignment] Filters functionality in Intune does add advanced targeting capabilities and there are many discussions underway about what to include next for Filters. To ensure your voice is heard on this, please file feedback directly in the MEM admin console on this.
- David_Swenson
Iron Contributor
Can we please have User Based filters? 😄
- Jason_Sandys
Microsoft
Hi David_Swenson, can you expand on your use case here and provide some examples of filter criteria that you'd like to see, please?
- David_Guyer
Microsoft
David, can you provide a little more information about how you'd like to use User Based filters? I'm also curious if you have seen the Filters preview in Intune. While it doesn't include user values, I'm curious if the Filters preview has the right experience you'd like for User Based filters, or if you are looking for something different. -DG
- David_Swenson
Iron Contributor
David, we use Device Filters EXTENSIVELY and LOVE em! However, oftentimes we would like to be able to create filters based on a User's Azure AD Profile values, e.g. Department, Role, Office Location... This would help us make our application deployment much cleaner.
- jjgrein
Copper Contributor
What kind of Device Filters and/or Device Properties available to Dynamic Azure groups will be available for Cloud PCs?
- rejohnson
Iron Contributor
We're just starting to manage Win 10 devices via Intune. Getting Hybrid-joined PCs to enroll via GPO is very inconsistent. Some PCs never enroll. We can't seem to find any specific reason. The job is running but nothing happens and there are no errors in the event logs. I need better guidance and tools to diagnose the blocks to enrolling.
- Jason_Sandys
Microsoft
Hi rejohnson, this question was mostly addressed during the live chat, but just to add some supplemental troubleshooting information and guidance, please see https://docs.microsoft.com/en-us/azure/active-directory/devices/troubleshoot-hybrid-join-windows-current.
Additionally, always keep in mind that HAADJ requires a user to log in for the process to complete and there must be line of sight to an on-premises domain controller at this time as well. These are the two most common reasons for latency in the overall HAADJ status and progress within an organization IME.
- Christian Zenzano
Brass Contributor
Will endpoint management capabilities for non-Intune products like Workspace One be available on launch? Or will the focus be 1st and best on Windows?
- Jason_Sandys
Microsoft
Hi Christian Zenzano, that's a question for your other-than-Microsoft MDM provider but all capabilities that Intune leverages to manage endpoints (Windows and other platforms) are available to other vendors as well. While we do consider Intune as part of our premier offering (as part of MEM), the management capabilities themselves are part of the OS platform and open for others to use.
- David_Swenson
Iron Contributor
Windows Information Protection Question: This has become a HOT item (especially during the pandemic with Remote Work). Are there plans to improve in-box reporting for Windows Devices governed by an Application Protection Policy? Many of our MSP partners have trouble sorting through these reports as they present today.
- David_Swenson
Iron Contributor
Follow up question: Is this coming to macOS?
- Jason_Sandys
Microsoft
Hi David_Swenson, Microsoft Endpoint DLP is the best path forward for protecting data on Windows Devices. See "Learn about Microsoft 365 Endpoint data loss prevention" (Microsoft 365 Compliance | Microsoft Docs) for many more details.
As for macOS, there are investigations underway, however, macOS, being an open platform similar to Windows in nature, requires a lot more work and coordination with Apple as well as app developers to create any sort of similar solution and thus there is nothing to share on this topic.