User Profile
jDanielL
MCT
Joined Oct 05, 2023
User Widgets
Recent Discussions
Re: Why our users are getting local admin access on devices when the device runs through Autopilot profi
What enrollment method are you using ? Even if you create an Autopilot Profile, if you use autoenrollment your users will always end up Local Admin. You can check the enrollment method by it's profile assignment in the device once it is enrolled... (look at the Enrollment blade in the device details). Another solution would be to setup a "Local user group membership" profile in your Endpoint Security blade (Account Protection) to make sure that only the default groups have local administrative privileges.5KViews1like0CommentsRe: Installing Win32Apps while no console user logged on
No all detection methods are currently using HKLM registries, so I don't know why. Fortunately, since the software do install, I can see logs but they still don't report to Intune as installed until the primary user logs in. It's a bit of a hassle if the user doesn't sign-in for a while...2.1KViews0likes0CommentsRe: How can I enable my profile picture to be visible outside of my tenant?
Hello MrHinsh, I believe what you saw or experience might be the LinkedIn integration to Entra ID. Sometimes users who have public profile pictures on LinkedIn will replicate to your environment if you have the integration configured. (Especially if the same email is used for both their Entra ID account and their LinkedIn Account) See this article : https://learn.microsoft.com/en-us/entra/identity/users/linkedin-integration15KViews0likes2CommentsInstalling Win32Apps while no console user logged on
Here is the scenario: I am currently working on a project to deploy and manage apps using only Intune. I have been packaging everything using PSADT. Now I am able to deploy full complement of apps like AutoCAD, Revit suites, etc. with success (even using Pre-Provisioning). I am using device assignment exclusively and managing the different software deployment formula using either Device Categories (or Group Tags within Autopilot Device for the pre-provisioning steps separately). Now I am reaching the point where I need to put in place the setup to maintain all this with upcoming updates and hotfixes (AutoDesk mostly). As expected, I don't want to be updating apps while the users are actively using them in production so I have been experimenting with a way to perform the software updates using a combination of Superseding strategies along with some Requirements scripts (like detecting if the acad.exe is running or not) to automate the deployment of those updates. So far I have been successful, except that at some point my users are shutting down their PCs when not using the software's (Revit, AutoCAD, etc.). As you can imagine this poses a recurrent issue for the updates... I am now experimenting with a requirement script that detects if a users is currently logged on (console session) on the device in order to allow the update to be performed. But for some reason Intune doesn't seem to be installing the software until the user logs on (even if the device is left at the CTRL+ALT+DEL screen, I even disabled the "Shutdown/Sleep" options in windows to encourage the users to NOT shutdown their machines for the updates). Obviously the user opens the update targeted software soon after logging thwarting the concept. Any idea on this ?
Recent Blog Articles
No content to show