Mar 24 2017 10:11 AM
I plan on moving my field users to Azure AD Joined devices using Windows 10.
I can deploy .MSI packages via Intune / MDM app deployment.
I need to be able to push down settings such as:
- Trusted sites in IE
- Security settings in IE
- Browser Favorites
All of these end up being registry settings.
What is the best way to manipulate registry settings for MDM managed AAD joined Windows 10 devices?
Must I get the settings wrapped into an .MSI and then deploy that as an app? Or is there any other way to facilitate this.
Thanks
Mar 27 2017 12:59 AM
I think you should focus on managing the clients with OMA-DM which is the standard for MDM with Windows 10.
More information regarding modern management of Windows 10 can be found here: https://technet.microsoft.com/itpro/windows/manage/manage-windows-10-in-your-organization-modern-man...
All available policies and how to configure them can be found here: https://msdn.microsoft.com/en-us/windows/hardware/commercialize/customize/mdm/policy-configuration-s...
Mar 31 2017 06:26 AM
As far as I understand, with the OMA settings you only control the Edge settings and not the IE settings. I created for example an Custom configuration policy with ./Vendor/MSFT/Policy/Config/Browser/HomePages but it is only applied to the Edge browser.
Apr 04 2017 02:04 AM
Unfortunately they haven't made IE settings available in OMA-URI. This is something that might become available in the future, but considering IE is only available because of legacy I wouldn't count on it.