Forum Widgets
Latest Discussions
Autologin to kiosk not working as expected
We recently answered a customer support question regarding kiosk and Windows desktop and figured it would be useful to share the answer here. The customer ran into a scenario where the kiosk profile was successfully deployed through Intune, but the autologin to the Kiosk account was not working as expected. Through the troubleshooting, we discovered the customer was using a VM for testing, which is not supported. While our Windows docs team is updating their documentation to share that kiosk does not support RDP, we also found Michael Niehaus' blog here: https://blogs.technet.microsoft.com/mniehaus/2018/06/07/deploying-a-kiosk-using-windows-autopilot/ which calls out that restriction in virtual TPM's.9.8KViews5likes4CommentsChrome OS
Hi All! We are looking into managing Chrome OS devices with Intune. I believe we need an Google Admin account, which has a monthly subscription cost. Can personal gmail accounts be used to login to the Chrome OS devices or do they require a different Google account. Are there any other cost's involved from Google? device licenses etc.. Thanks34Views0likes3CommentsAllow Location Service on Windows 11 for Zoom
I am having no luck finding documentation here, likely using the wrong terminology, but I want to allow the desktop Zoom app to use location services on our windows computers. This is so that the phone service on Zoom can use location services for 911 calling when a user isn't in the office. I can find 'force location allow for apps' in the settings catalog when creating a policy, but I can't find the package family name for the Zoom desktop app to allow it. So first, is this the best way to allow the service here and if so, where can I find the Package Family Name? Second, if this isn't the best way to get there, what do you suggest? Thanks as always for any help you can give.Brett_AbbottNov 07, 2024Copper Contributor7Views0likes0CommentsApplication Protection Policy not applying to Microsoft 365 (office)
Hello Community, We have setup an APP for MS applications (android), that prevent users from saving attachments, or documents received by teams or even documents that reside on OneDrive to their local storage, we have also configured some security aspects like PIN code or biometric fingerprint to access the apps. Everything is working fine from Teams, Outlook, OneDrive, but when i use "Microsoft 365 (Office)" App, its like the policy is not applied to this specific application, i can download files, i can access the app with no need of PIN or Fingerprint, i can access a Word file and choose save as and put it in my local phone storage. i have already created a ticket to Microsoft, but they are veeery slow. can you please help.sammtdNov 07, 2024Copper Contributor614Views0likes15CommentsReporting for intune
Hi is there any useful reporting if an intune policy as applied correctly? I see there is some logging in the event viewer, but most of it doesn’t make sense when there is an error. Most of the error codes, it appears no one knows what they mean.. even co-pilot or MS don’t have the answer….andytheit2Nov 07, 2024Copper Contributor6Views0likes0CommentsMicrosoft Intune - Software installation
I am a beginner using Intune to manage PCs (Windows 11) and Android devices. When adding a new PC with Windows 11, the following happens: The user logs into the computer with their email account from our company administration and starts Windows 11 (Business) and complete the Device Registration in the "Unternehmensportal". The user (who is supposed to be a standard user) is set up with an "Administrator" profile. If I change the user to a standard user (logging in with the company's admin account on the same computer), I can no longer install any software and get the message "Installation is blocked" (or something similar) when running the installer. There's no prompt for admin rights or an option to run the installation file as an admin. On another user's computer, everything works without problems. No policies are configured, at least not to prevent software installations. The user should not be able to install software independently, and standard users should be standard users when first logging into a new device. Who can help me?11Views0likes0CommentsHow to enable/disable on iOS devices the setting: Notifications -> Civil Protection Pre-Alerts
We would like to have the possibility of enable/disable this notification service on iPhones from Intune. Intune already manages these devices. Is there a device configuration policy template, service catalalog, or something similar?ramonfernandezNov 07, 2024Copper Contributor10Views0likes0CommentsIntune Shared-Device Configuration - Disallow Entra Login
Hello everyone, I am encountering an issue with our shared device setup in Intune. Our organization manages devices through Intune, and we have configured shared devices specifically for external guests who only need access to a laptop and Microsoft Office products. While the setup generally works as expected, we’ve noticed an issue where users are still able to log in using Entra (Azure AD) accounts from our tenant, despite setting the Guest account configuration to "Guest" in Intune. We would like to restrict access solely to the local guest account and prevent users from logging in with Entra accounts. Our current configuration for the shared device profile is as follows: Shared multi-user device settings: Shared PC mode: Enabled Guest account: Guest Account management: Enabled Account Deletion: At storage space threshold and inactive threshold Start delete threshold (%): 20 Stop delete threshold (%): 50 Inactive account threshold: 30 Local Storage: Enabled Power Policies: Enabled Sleep timeout (in seconds): 600 Sign-in when PC wakes: Enabled Maintenance start time (minutes from midnight): 60 Education policies: Disabled Is there a way to enforce this restriction, allowing only the local guest account and blocking Entra user access? Any guidance on this matter would be greatly appreciated. Thank you for your assistance.PsychedPalaNov 07, 2024Occasional Reader13Views0likes0CommentsAutoPilot Question
Hi All Apologies if this has been asked before. Anyway, we use Intune DEM accounts to setup new devices and download / run the AutoPilot script to import our devices into Intune. This is fine. What we find though, is that the DEM accounts are still presented with the OOBE setup screens which the AutoPilot profile is supposed to strip out. Am I missing a trick here? Would a reboot after the AutoPilot script has been ran etc solve it? Any ideas?StuartK73Nov 07, 2024Iron Contributor10Views0likes0CommentsMicrosoft Graph Command Line Tools Blocked by CA
Hi All I hope you are well. Anyway, I recently turned ON a Conditional Access Policy Template, "Require MDM-enrolled and compliant device to access cloud apps for all users (Preview)" this seems to work fine until our IT Admins try to use the AutoPilot script which gets blocked based on: Microsoft Graph Command Line Tools Any ideas on how to allow AutoPilot /Microsoft Graph Command Line Tools through CA? Info appreciatedStuartK73Nov 07, 2024Iron Contributor140Views0likes5Comments
Resources
Tags
- Intune3,841 Topics
- Mobile Device Management (MDM)2,087 Topics
- Mobile Application Management (MAM)760 Topics
- Conditional Access424 Topics
- Software Management389 Topics
- Graph API224 Topics
- Azure Friday151 Topics
- Autopilot101 Topics
- Android61 Topics
- iOS51 Topics