That's a wrap for Office Hours. We'll be back next month and the third Thursday of every month! Visit https://aka.ms/Windows/OfficeHours for future dates and times.

There is another way to rename a Device Name, instead of using a Deployment Profile.
Like a Configuration Profile or something similar, it was to apply in a Autopilot Device Preparation 

We're having an issue at one location where sporadically devices (regardless of which tenant they're in) change their aparant location and timezone to Singapore.

I personally suspect a nearby AP or Cell tower has it's BSSID listed as being in that location: Microsoft account | Privacy

Is there an easy way to inventory which BSSID's are nearby, including their reported location in that database?



"

Opt out of location services

To provide location services, Microsoft assembles and maintains a database that records the location of mobile cell towers and Wi-Fi access points. If you would like your Wi-Fi network to be excluded from supporting location services, submit the MAC address of the hardware that broadcasts your Wi-Fi signal. It can take up to 5 days for this address to be added to the block list.The MAC address for a Wi-Fi access point (such as a wireless router) is a 12 character code that you can usually find on a sticker located on the bottom of the device. If no sticker is present, you can also find the MAC address through the utility used to manage your wireless network.Microsoft takes measures to protect our services, including the block list for Wi-Fi devices, from fraudulent requests and security attacks. If a request seems problematic, it may not be added to the block list."

I've noticed the discovered app inventory reports in intune are sometimes out of date e.g. still showing software is installed a few months after I know for certain it was uninstalled. Is there any way we can kick start the inventory process to re-scan the device? Currently have other inventory tools so not major but would be nice for intune to also be accurate.

I have a handful of devices that have not check in with Intune for more than a week even though they are online.  What would cause this behavior

Question about the KB5050094 update for 

• [Settings] New! You can change time zones in Settings > Time & Language > Date & Time. You don’t have to be an admin to make this change.

Time zone now shows up under Date & Time for our users.

However, when trying to access it, they are first prompted for UAC, and if they click No, then they can access it. Is this expected behavior? It's confusing for our users.

We're halfway through today's Office Hours. Keep the questions coming if you have them!

Hello, is someone able to help me with a conditional policy issue?

What is happening is when we turn this policy "Multifactor authentication for per-user multifactor authentication users" from report only to on then our users try to sign onto teams and it prompts the multifactor which they can do properly but then get this screen right after 

But it doesnt let them input the password and basically acts as if the user didnt user MFA, however once we put the policy into report only, it works as it should and lets user log in once the complete the MFA. How do we fix/troubleshoot this?

How can i remove Cortana completely from the autopilot devices, i can assigned the uninstall during autopilot to the device, but this only works if the apps was previous installed by the same way(intune in this case), right?

I want to implement AppLocker. My users are all cloud accounts and devices are Microsoft Entra Joined. Each device is registered in Intune as the user. My end goal is to block all applications except for specific ones we would like to allow. So a blanket deny on all apps except MS Office, Edge, Chrome and a few others.
What is the best approach to implementing AppLocker for existing Entra joined devices and cloud accounts using a blanket deny rule and whitelisting specific apps?