macOS unenrolled, but software updates still enforced
Hey all, I have enrolled and unenrolled a privately owned MacBook Pro M1. However I still get managed software update notifications, see screen shot. In English, this says "required managed update. unit must be charged at least 50% or connected to mains. The unit will be restarted to apply the update. You can cancel this update 4 more times before it will be installed automatically. This is a huge issue for me because I don't want to update to macOS 26 at this time. I unenrolled the MacBook from the company portal. It no longer appears in the list of managed devices. On the unit, under Settings, Device management, the profile list is empty: I don't know how to troubleshoot further. I would be very grateful to anyone who could point me to some next steps to try. Thank you Selwin Kadijk
Google Play Web apps in Edge
Hi Community, We build quite a lot of Webapps in Managed Google Play and assign those to our Android devices managed in Intune as Dedicated with Entra ID Shared device mode. We run MS Edge as the default browser. Lately we have discovered that Webapps, pointing to web sites where you write text in a input field, especially if the text box is at the bottom of the screen, doesn´t behave as we expect. When the virtual keyboard is activated it often hides the text box, making it impossible to see what you write. If we open Edge and manually browse to the same site, it behaves better. I have also tested to open the Web app in Chrome which works as expected. It doesnt matter if I create the Web app with "Fullscreen" "Standalone" or "Minimal UI" display mode. First image shows the site opened manually in Edge. The textbox is moved above the keyboard Same site opened as a Web app. When activating the keyboard, the text box becomes hidden under the keyboard
Having trouble with MDM
I am trying to set up a surface pro with a business account. However I got a error saying looks like we can't connect to the URL for your organization's MDM terms of us. Error: invalid_client Error subcode: Description: failed%20to%20authenticate%20user Does anyone know a quick fix to this problem. Thanks,Google Meet Links Not Opening on Intune-Managed Devices
We recently encountered an issue where Google Meet links could not be opened on devices managed via Microsoft Intune. This behavior was consistent across multiple users and devices, and it raised questions about whether this was a configuration issue, a policy conflict, or something else entirely. Symptoms Clicking a Google Meet link (e.g., https://meet.google.com/xyz-abc-def) results in no action. Tried to open it from Outlook, Gmail or Google-Calendar When Opening with the Browser, we get a Redirection to Google-Play-Store, but the Google-Meet App ist already installed. Behavior is consistent across Outlook, Teams, and other apps that handle links. We tried different Default Browers (Edge and Chrome) and Outlook, Gmail, Google Calendar and Google Meets are configured as managed Apps Is this a known Issue or can this be fixed with Intune Configurations? Looking forward to your feedback.
Understanding DEM accounts and licensing
We are trying to understand the right way to deploy corporate devices that I'll call "shared" among staff. Specifically iOS devices. We started out thinking we needed to buy tens of thousands of device licenses as they weren't tied to a user. Then start reading about this DEM account idea. If I'm understanding it right, I can create 150 of these DEM accounts and each can enroll 1,000 devices. So then I could enroll 150,000 devices without paying for any licenses? Or do I just need to buy 150 "user" licenses and can enroll 150k of devices for no more cost? What if I need to move to like plan 2 for these devices for say tunnel capabilities. Do I have to pay per device or just for the 150 "user" licenses? Is it really free vs paying even for the "DEM" accounts? Curious if anyone can explain how these accounts work as even though we have an enterprise account with MS no one there seems to be able to explain it to my satisfaction.Outlook cache mode set to download 3 months of emails
Hi ladies and gents, We have a requirement to set Outlook cache mode set to download 3 months of emails. The environment consists of Exchange Online, Intune and M365 and the devices are cloud native Win 11. Could you please advise the best way to achieve this. GPO is not an option, and Intune does not have a policy for this.Remed Script to delete Reg Value
Hi All I hope you are well. Anyway, pulling hair out this one, so could someone help me compile a Detect and Remed script to delete the following Reg key please: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate Value I need removed is the SetActiveHours one as below Any help would be greatly appreciated.Enroll existing macOS devices to Intune
Hey, How do you handle/enroll existing business macOS devices, which are not yet managed by Intune or any other MDM? I believe if i somehow add them to ABM: if reseller adds them i can run enrollment profile, no wipe needed i can add them with configurator for iPhone, wipe needed Is for direct enrollment (without user affinity) device license needed? And user (with Intune license) will then use device. As stated here :https://learn.microsoft.com/en-us/intune/intune-service/fundamentals/licenses#device-only-licenses no direct enrollment is mentioned (manual install profile). What other options do i have for properly manage macOS devices (not byod but corporate) ? Thanks, Tom
InTune policies blocking callback from Edge browser
InTune policies blocking callback from Edge browser I'm using a BYOD Android phone enrolled in our company's InTune company portal. A few months ago, I ran into an issue where I'm unable to authenticate to a MatterMost chat server from the MM app in my work profile. When I enter the server address and click log in, it takes me to a browser window inside the MM app (but using Edge) to authenticate using the host organization's SSO. Once I enter my credentials, it sends a callback using this URI scheme: mmauth://callback?MMAUTHTOKEN=<token>&MMCSRF=<more data>. However it looks like Edge prevents this callback from reaching the MM app because I get a popup saying: No available apps There are no apps currently configured on this device that your organization allows to open this content. Please ensure you are signed in with your work or school account to your managed apps or contact your organization's support team. I assume this is because our IT has either "Restrict web content transfer with other apps" or "Allow app to transfer data to other apps" policy settings enabled. In general things are pretty locked down so that data can't be shared between non-Microsoft apps, and even then some things can't be copied and pasted from one Microsoft app to another. I reached out to our company IT support but he seemed to think the only possible solution was to allow Chrome inside the Work profile to bypass the Edge restrictions. For obvious reasons, no one in IT or the company leadership wanted to implement this solution. Are there any other solutions where MatterMost or even just that specific "mmauth" URI can be white-listed in InTune to allow MatterMost to complete the authentication? Not looking to try to get around policies, but would like to have a informed discussion with our IT on maybe adjusting the policy to be more functional.
