Event banner
Event details
76 Comments
- Microsoft Intune question: When will Intune have a proper reporting section? The difference between SCCM/SQL and Intune is too big when managing a corporate platform.
- JaySimmons
Microsoft
Hi Oliver thanks for the feedback. No updates to share right now, but the team is always working on improvements.
- Elizabeth_GreeneAfter I add a machine to a group in Entra ID or Intune it takes about 15 minutes before that machine receives any of the policies assigned to that group. Is there any way to make that faster? Rebooting the machine or forcing a sync doesn't seem to work. It's very frustrating when you're working on a business down issue and stuck waiting for group updates. Thanks!
- I have heard Intune communications aren't compatible with SSL inspection, which many companies use on their firewalls nowdays... you can test for network issues being a culprit by installing WARP from Cloudflare or some other VPN and see if stuff comes through.
- Looking to leverage our new InTune setup and integrate with Azure Virtual Workstations (VDI) for a more robust configuration which is more automated and more protected. Is there a recommended way to 'join' these workstations? Can they still use the Enterprise version of Windows? Any preferred documents for this process? Thank you.
- EricMoe
Hi there! Yes, you can definitely leverage Azure Virtual Desktop with Intune! The documentation can be found here Using Azure Virtual Desktop single-session with Microsoft Intune | Microsoft Learn, which walks through how to configure the desktops to get enrolled into Intune. There are some pre-requisites, namely Windows 10 Enterprise v1809 or newer, or Windows 11, and are personal remote desktops. Check out the full article for more details. The article cross-references Microsoft Entra joined session hosts in Azure Virtual Desktop | Microsoft Learn which will walk through some additional details on "how to." I hope this helps!
- Thanks - I'll check that out, we are current standing up VM's for our consultants in Azure, but it requires us to expose a public IP, not the way we would like to do this. So looking forward to the better option with Intune .
- Joe_Lurie
Eric will answer your question. I just wanted to share this with you
- LOL.. Thanks for the correction 🙂
Microsoft intune question (S) : --When will we see the bulk actions get a refresh? if I want all my devices to sync why does it require me to click 800+ devices. this needs to be improved upon and my company would enjoy to see all devices sync when a new policy is taking its time to implement. -- Also, the new windows store through Intune. I find that I cant get any apps for my company since they either don't update (new devices will get the new adobe but if you installed adobe 2 months ago, you don't get updated to the new one through intune). Microsoft teams got ripped out of the 365 installer, it doesnt apply anymore. yet the windows store (new) microsoft teams installer is "out of date". when will we see meaningful improvements to the store and 3rd party application updating. -- Device Model driver updates, this is a fantastic feature...however, i find parsing through the updates and seeing it only applies to 1 machine quite messy. there is no explanation of what the update is or its version or what came before it..if its a sequential update. I have to lookup the update on the microsoft update catalog manually to get any information. I would like to see this improved upon as well.
David_GuyerHi Adam,
Thank you for your feedback, there's a lot in there! I can share this feedback with the various teams. I know at least some of these are being investigated right now.
-David
- Hi David, I apologize for putting so much. Thank you for sharing with the teams. Any sort of notice of the feedback is appreciated. Glad to know some are already being investigated
When will we see the bulk actions get a refresh? if I want all my devices to sync why does it require me to click 800+ devices. this needs to be improved upon and my company would enjoy to see all devices sync when a new policy is taking its time to implement.
Amen, brother!
- Ditto. Same here.
- Hi All! This is Thomas from Microsoft! There's a great crew here to answer your questions this morning. Joining me is Joe, Dan, Eric, Aria, Jay, and David. We'll do our best for you today!
- Topic: Intune EPM fails with Win11 23H2 devices. I opened a case with Microsoft and they ended up confirming with the Intune development team that EPM doesn't work with Win11 23H2. They said that a fix would be coming and to be patient. Has anybody heard anything else? This is a major pain in the elbow since we rely on Company Portal for all of our software installations.
- Joe_Lurie
Hi joemclain I'll answer this in your below comment as well. EPM should work with Windows 11, 23H2 as long as you have this KB installed: KB5031455.
We'll make sure Support knows this as well 😊
- Thanks much, sir! We have all Windows Updates to be picked up within a couple weeks of release via Intune so it seems like our systems should have them but we're grabbing a machine off the shelf to confirm and test with right now. Nothing like real time engagement!
- Could a "Clear all" button be added to credential manager?
- As for adding a formal feature, I will follow up with the Credential Manager team, I don't have (nor share) visibility into their roadmap. However, I was able to find a means of doing so through creation of a batch file via Github: https://www.thewindowsclub.com/clear-all-credentials-from-credential-manager. I hope this helps.
- Thanks for the suggestion, I've added a similar script to Software center for our helpdesk Team to be able to clear it easily. Our helpdesk manager was just asking about getting it added directly to credential manager.
- Are there any updates on adding GPP (Group Policy Preferences) like registry, files, shortcuts in Intune?
- Joe_Lurie
Vinod7 We are still working to add some of the GPPs into Intune. Keep an eye on the https://aka.ms/M365Roadmap and the https://aka.ms/IntuneInDev page.
- When will the Windows update made easier to troubleshoot on Windows 10 devices. Today if something is failing to update, it is very difficult to troubleshoot as the logs are not easier to read. Must scramble around or the raise a support case for every single issue. it is painful and time-consuming job. Also, the reporting in Intune is terrible today. We have been hearing for last 3 years that Intune reporting will be improved but there is no sign on it. This is one of the main reasons we are not moving to Intune completely, still relying on SCCM.
- Elizabeth_GreeneGood morning. Have you seen the new Windows Update for Business Reports feature? Instructions on how to set it up are here, and there are workbooks to view the data in Azure or the M365 Admin center. https://learn.microsoft.com/en-us/windows/deployment/update/wufb-reports-overview Additionally, Aakanksha Saxena has published an amazing PowerBi report to visualize the data here https://techcommunity.microsoft.com/t5/windows-it-pro-blog/tailor-windows-update-for-business-reports-with-power-bi/ba-p/3978975 (If you don't read anything else in this post, click through that link and look at the screenshots. It's fantastic stuff.) This works for both either Intune or SCCM managed machines and independent of Entra, hybrid, or domain join.
- Windows update for business report is also not helping us. The data are never right. Very inconsistent. Like in intune patch report it shows as 33 device where as in other report it shows as 25. So which one should we with?
- David_Guyer
Hi,
Improving the Windows update troubleshooting capabilities is something that is being looked into. There are a few good troubleshooting guides online that you can use today:
HTH,
-DG
- AriaUpdatedGreat feedback! 100% understand. We should have some improvements on the troubleshooting side coming soon. Have you taken a look at the Autopatch reports? What is missing from reporting that you would like to see as we provide further improvements in that space?
- The reports are not up to date. We have an support case for it. Earlier last week it showed few of our device in our feature report and from this week it is showing us only one device in the feature update report. Very inconsistent.
- Is there a way to prevent admin users from changing the UAC setting, either through registry settings or Intune? We configure the "Administrator elevation prompt behavior" UAC setting through the Security Baseline. However, admin users can change or turn off UAC and this will stay until the devices syncs or is restarted. This leaves the device vulnerable for up to 8 hours. We changed this setting in the Security Baseline to "not configured" and created a configuration profile to set it. Most settings that get configured using a configuration profile are greyed out, but that is not the case for UAC.
- This isn't a solution but it may be a partial workaround for you, Mike. Admin users are allowed to change UAC settings by design but if you use Intune, you can probably create a proactive remediation that checks to see if UAC is disabled and flips the switch.
- Joe_Lurie
Thanks for the questions MEB2004. There's very little we can do to prevent an admin user from circumventing policy. However, we have a new feature in Intune that makes it easier to keep your users as standard users while elevating app installs and such. This is called Endpoint Privilege Management. You can learn more about EPM here: Learn about using Endpoint Privilege Management with Microsoft Intune | Microsoft Learn
