User Profile
DxR
Iron Contributor
Joined Sep 23, 2018
User Widgets
Recent Discussions
Re: Watermarking in Microsoft Intune
Not part of Microsoft Intune but part of Microsoft Purview Information Protection, Sensitivity Labels allow you to classify and protect your company documents and add watermark https://learn.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide2KViews0likes0CommentsRe: Scripts don't working in mac?
Hi I don't have a Mac at hand to test but I think that by relying on the Octory installation script (lines 147 to 180) and by adding some logs you will manage to identify the problem. https://github.com/microsoft/shell-intune-samples/blob/master/macOS/Config/Octory/installOctory.sh1.3KViews0likes1CommentRe: Alerts for admins when new device enrolled in intune
Hi, You can post your request on the Intune Feedback Portal https://feedbackportal.microsoft.com/feedback/forum/ef1d6d38-fd1b-ec11-b6e7-0022481f8472 In the meantime, you can test this solution based on Logs Analytics and Azure Alerts : https://gregramsey.net/2020/03/20/using-log-analytics-to-generate-alerts-for-each-new-intune-device-enrollment/6.6KViews2likes0CommentsRe: Intune BitLocker silent encryption not working on Hybrid Azure AD devices.
Hi, Sorry, I read your 1st post too fast. It’s HAADJ not AADJ, it seems that the allow standard user to enable Bitlocker have no effect on HAADJ and encryption won’t work during autopilot. When encryption start (Step 4) your HAADJ process isn’t completed (Step 3) so recovery key can’t be back up. This post can help you to enable Bitlocker silently during the Autopilot process, when it finish recovery key are store on AAD for HAAJD https://msendpointmgr.com/2019/10/31/silently-enable-bitlocker-for-hybrid-azure-ad-joined-devices-using-windows-autopilot/13KViews1like2CommentsRe: Intune BitLocker silent encryption not working on Hybrid Azure AD devices.
Hi, I don’t really understand if at the end of Autopilot process your drive is encrypted and backed up in AD or if encryption start only when you open session. Can you try with these settings : Compatible TPM Startup : Required Compatible TPM Startup Pin : Blocked https://techcommunity.microsoft.com/t5/intune-customer-success/configuring-bitlocker-encryption-with-endpoint-security/ba-p/2283101 Renald13KViews0likes0CommentsRe: How to allow powershell in managed device?
Run the Get-ExecutionPolicy -List That will display your actual config to find at what level it’s apply. Any chance that you have a GPO in conflict with your CSP ? If you don’t set the MDMWinsOverGP your GPO win and CSP never apply https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-controlpolicyconflict2.2KViews0likes1CommentRe: How to allow powershell in managed device?
Hi, - Backup Exexcution Value : $BkpEP = Get-ExecutionPolicy -List - Then reduce the ExecutionPolicy level : Set-ExecutionPolicy -ExexcutionPolicy - Import your module - when it’s done revert back the ExecutionPolicy value Set-ExecutionPolicy -ExecutionPolicy $BkpEP Be carefull, if you stay with ExecutionPolicy to Bypass you are under security risk2.1KViews0likes3CommentsRe: Latest CU for server 2008 are not seen as missing.
Hi, Have you install the 2107 update for ConfigMgr ? Only the latest version of ConfigMgr can deploy ESU. https://techcommunity.microsoft.com/t5/configuration-manager-blog/extended-security-updates-and-configuration-manager/ba-p/825618686Views0likes1CommentRe: Byod Device information Via Powershell
For AAD registered without enrollment use the method from Jannik with this Graph API query : GET https://graph.microsoft.com/v1.0/devices This post can be usefull : https://smsagent.blog/2018/10/22/querying-for-devices-in-azure-ad-and-intune-with-powershell-and-microsoft-graph/ Graph API : https://docs.microsoft.com/en-us/graph/api/device-list?view=graph-rest-1.0&tabs=http#example-1-get-a-list-of-devices5.3KViews1like1Comment
Recent Blog Articles
No content to show