Forum Widgets
Latest Discussions
Almost all devices show as Not Applicable in update rings
Currently almost all devices in our environment show not applicable in the standard windows update ring. Newly added devices seem OK. We previously used GPOs to push update settings. As this was conflicting with the Intune settings, we disabled the GPOs. Around that time (not sure exactly) our devices began showing not applicable for an update ring they were good with previously. Anyone seen this/have any ideas?
Intune Shared-Device Configuration - Disallow Entra Login
Hello everyone, I am encountering an issue with our shared device setup in Intune. Our organization manages devices through Intune, and we have configured shared devices specifically for external guests who only need access to a laptop and Microsoft Office products. While the setup generally works as expected, we’ve noticed an issue where users are still able to log in using Entra (Azure AD) accounts from our tenant, despite setting the Guest account configuration to "Guest" in Intune. We would like to restrict access solely to the local guest account and prevent users from logging in with Entra accounts. Our current configuration for the shared device profile is as follows: Shared multi-user device settings: Shared PC mode: Enabled Guest account: Guest Account management: Enabled Account Deletion: At storage space threshold and inactive threshold Start delete threshold (%): 20 Stop delete threshold (%): 50 Inactive account threshold: 30 Local Storage: Enabled Power Policies: Enabled Sleep timeout (in seconds): 600 Sign-in when PC wakes: Enabled Maintenance start time (minutes from midnight): 60 Education policies: Disabled Is there a way to enforce this restriction, allowing only the local guest account and blocking Entra user access? Any guidance on this matter would be greatly appreciated. Thank you for your assistance.
Does the Intune Management Extension enroll the Windows PC in InTune?
Intune Management Extension fails to install. The device is not visible in InTune. It IS visible in EntraID and Defender. Is the install failing because it's not enrolled in InTune or is it the opposite? This is a remote device, so I don't have direct access.Disable automatic app updates for specific apps in Intune
Hi, In our organization, I have enabled all three options below to install and manage traditional Android applications through Intune, However, we have encountered a situation where certain specific Android applications, such as the Google Play Private App, only work with lower versions of the OS. The higher version is not compatible, and Google Play Store is reporting it as an unsafe app and blocking it. Is there any option available in Intune that allows us to block automatic app updates for specific applications?
Problem running the Windows Feature Update Device Readiness Intune Report
I have a custom Intune role for our support staff. I want them to be able to run the Feature Update Device Readiness report. When they click on the Select target OS link, it shows "No data to display", instead of the OS list. They are able to click on Select scope tag and see a list of scope tags. Is there a permission they need that I'm missing? Here is what I have assigned for the custom role. Audit data Read Corporate device identifiers Create Delete Read Update Device compliance policies Read View Reports Device Configurations Read View Reports Endpoint Analytics Read Endpoint protection reports Read Enrollment programs Create device Delete device Read device Sync device Assign Profile Read Profile Managed apps Read Managed devices Delete Read Set Primary user Update View reports Organizations Read Remote tasks Clean PC Collect diagnostics Enable Windows IntuneAgent Get Filevault key Manage shared device users Reboot now Reset passcode Retire Set device name Sync devices Wipe Roles ReadMicrosoft Intune App Deployment
I have this autoinstall script for MATLAB 2024, the installer_input.text is configured with the right information inside it and every test I've done on my machine (locally) succeeded, however when I'm trying to deploy the software to a device and it creates a path in C:\Program Files\MATLAB however even though its creating this path at the installing stage it still not fully deploy the software like it should.. "%~dp0setup.exe" -inputFile "%~dp0installer_input.txt" TIMEOUT /T 120 /NOBREAK Exit 0 The install command in intune I set to cmd.exe /c autoinstall.bat what can i do to fix it? maybe the intune install command isn't good? or its within my autoinstall script
Disable sign in to Windows device (fast)
Hi, When using Intune along with WHfB PIN, what is the best approach to disable sign-in to Windows PC (using WHfB PIN)? Wipe command is not an option in this case, we just need to block access to the PC and do it fast as possible. In my testing blocking user, revoke session, disabling device is not preventing user from using cached PIN to enter and use computer. Yes, it's signed out from Office apps etc, but still has access to local files. I think there should be command in Intune that will efficiently do this. Thanks!Parameter is incorrect error at ESP phase of Autopilot device preparation policy (Autopilot V2)
Hi Team, I am testing the Windows autopilot device preparation profile (Autopilot V2). Here, I need to rename the device while it is enrolling to the Intune (during ESP). So, I created a script that has below command to rename the device and rebooting it. Rename-Computer -NewName $newname -ErrorAction 'Stop' -ErrorVariable err -Restart -Force The issue I am facing now is that, when the device is at ESP, it runs the script to rename the device and also it restart the device. But after restart it does not complete the device preparation set up and s an shows an error screen called with message "Parameter is incorrect" and after clicking on OK, I get to see the login screen. After logging in, I am able to use my machine fine and the device is also renamed as per my organization standards. Does anyone also have faced this kind of issue while testing the Autopilot V2 with reboot script at ESP. Regards, Ashish AryaError running on-premises Intune Connector for Active Directory (ODJ Connector).
Hi, I trying add AAD joined devices hybrid at my AD DS local whit Autopilot. I downloaded the ODJConnectorBootstrapper.exe file from the Microsoft Endpoint Manager > Devices > Enroll devices portal, the installation was successful, but after trying to sign in, an error occurred in the log file (C:\Program Files\Microsoft Intune\ODJConnector\ODJConnectorUI\ODJConnectorUI. log) and also in the Event Viewer (Application and Servecies Logs > ODJ Connector Service) .. ODJRequestHandlingPipelineDownload_Failure: Failed to download ODJ requests. InstanceId:We are unable to complete your request because a server-side error occurred. Please try again. [Exception Message: "DiagnosticException: 0x0FFFFFFF. We are unable to complete your request because a server-side error occurred. Please try again."], DiagnosticCode:514AE631-B83B-409A-9056-6095ADE99F21, DiagnosticText:Unknown_Error The IE Enhanced Security Configuration is already OFF, I've removed everything related to Intune and reinstalled only the ODJConnector, I've restarted the server, but the problem persists.
