Windows Office Hours: June 19, 2025

Thanks for joining Office Hours today. We'll be back next month. Visit https://aka.ms/Windows/OfficeHours for upcoming dates.

We need to migrate our Intune Connector for AD v6.18 to v6.25 before the end of June deadline, but when we sign in as the Intune Admin we get a blank page, followed by this error:-

Hi, what is the recommended way to install a new os-Image on a Surface device in Intune only env. We used the Surface Deployment Accelerator (SDA) but it it was updated 4 years ago. 

Greetings,

We are working with our OEM partner on a "enterprise-ready" Windows 11 image for the Windows 11 PCs we purchase through them. They have provided a POC for us to test. During the testing we determined that remote wipes and resets via Intune do not work. The process fails around 3-4% for each. Per our OEM partner, there is an issue with Windows 11 Enterprise that is causing the issue.

In testing, the only way we can reset the device is to perform a push-button reset from within Windows and use the "download" option. I believe this option may be downloading the fix as it falls in-line with the information in the release note below.

Per the Windows 11 release notes, this may have been resolved with the April 25, 2025, KB5055627 preview update and officially in the May 13, 2025, KB5058411 update. Per the notes:

"Windows Setup Fixed: If you install Windows 11, version 24H2 with Windows Setup and run System Preparation (Sysprep) afterwards, the boot file configuration is not properly updated, resulting in push-button reset options not working."

Can we confirm that the push-button reset fixes are related to remote wipe/resets performed in Intune? Will this fix be added to the Enterprise build of the Windows 11 OS? If so, do we know what build this will be? If not, how can OEM partners ensure the Enterprise build they send to customers includes this fix?

Thank you,

Jeremy

Hi, I am wondering how I get started with utilizing my nonprofit credits for services( Azure,...etc)?  Also, can they be used for Office 365 applications? I have a few licenses that I am paying for directly outside of  my nonprofit subscription. 

Is there a way we can prevent our corporate users from signing into the Edge browser with their work accounts on personal devices, but still allow them to log into apps and things such as Office.com on these personal devices? The personal devices are not registered anywhere in Entra/InTune. With the aim being to allow Edge password manager but prevent them from accessing the saved/synced credentials on non-corporate devices. 

Welcome to Windows Office Hours! In the office today, we have EricMoe​, Joe_Lurie​, Danny_Guillory​, Phil_Urban​, AriaUpdated​, and others.  Let's get started. Post your questions here in the Comments.

Is there a way to download PS scripts once they are uploaded to Intune please? I know you can monitor the local computer ISE folder, deploy the script then quickly copy it but sometimes they disappear too fast. There's just one script we need to get as the person who uploaded it didn't keep an offline copy 🙃. Thank you!

Is there a way to export computer HW Hashes from Intune (like we can with SCCM) please?

Is there a way to for Autopilot to auto-sync timezone/region before it starts please? e.g. if the computers are shipped from one country and Autopiloted in another? Currently we are running a quick PS command/script first to do this as historically it caused issues with Autopilot if the timezone changed halfway through the build.

Or, even better, tell me this is no longer an issue please 🙏