User Profile
joel_grangier
Brass Contributor
Joined 7 years ago
User Widgets
Recent Discussions
Re: Installation of new Win32 app to existing Intune Shared PCs not installing, but installs on rebuild.
reggie_1968: Have you tried to set the "SkipUserStatusPage" to enabled? We had already a similar issue. As the "Account Setup" step has never been completed due to your construct of a shared device without user affinity, the "Intune Management Extension" is waiting (for ever) for this step to be accomplished before installing additional Win32 apps. You could try to deploy the following OMA-URI setting to your shared devices: ./Vendor/MSFT/DMClient/Provider/MS DM Server/FirstSyncStatus/SkipUserStatusPage DMClient CSP - Windows Client Management | Microsoft Docs4.7KViews1like2CommentsRe: Installing .MSI and .EXE based applications as part of Autopilot
Rudy_Ooms_MVP I'm just speaking about a professional solution/concept, which would never cause any issue.You never know what the future holds... You could also have this issue outside of the ESP process (meaning when the user is already logged on and has an interactive desktop). In that case, the installation of the impacted apps will be delayed. These apps will be available in worst cases only the next day... But anyway, these are just recommendations and everyone can do what he wants π28KViews0likes2CommentsRe: Installing .MSI and .EXE based applications as part of Autopilot
Chris-Yue I would really not recommend to have a mix of MSI (Line-of-business app) and EXE (Windows app (Win32)). The OMA DM agent can starts an MSI installation and simultaneously the Intune Management Extension plugin can start a Win32 app installation. If yourWin32 app would install an MSI as well (embedded), this will cause an issue because it's not possible tohave multiple instances of Windows installer (in relation with TrustedInstaller) at the same time. This is also documented in the following article (See Note): https://docs.microsoft.com/en-us/troubleshoot/mem/intune/understand-troubleshoot-esp#device-setup29KViews0likes4CommentsRe: OMA-URI Settings to Allow users to change time fails!
SamSONACA At this time, there is unfortunately no automated way to perform this. You can use theGroup Policy analytics as an helper. You have still to create the desired configuration profiles manually, for the most policies that you currently have. If your goal is migrating your current on-prem environment in the cloud, you should consider to not do a 1to1 migration of your GPO's. There are for sure some policies which should no more be needed, or which doesn't make any sense anymore. It's the right time to perform a cleanup action on your policies ;-).5.2KViews0likes0CommentsRe: OMA-URI Settings to Allow users to change time fails!
HiSamSONACA, Yeah, the "Policy CSP - UserRights" isn't really well documented. This is how I've used it in my test environment: OMA-URI: ./Device/Vendor/MSFT/Policy/Config/UserRights/ChangeSystemTime Data Type: String Value: *S-1-5-19ο*S-1-5-32-544ο*S-1-5-32-545 As mentioned in this article,it is better to use SIDs, because strings are localized for different languages. For reference, see Well-Known SID Structures. Now, you have to be carefulwith the special characterο. Johan Arwidmark has already well explained in his blog how to handle this. The real delimiter is: It has to be converted to: ο In MEM, it will be displayed like this:ο Im my case, the end user with standard user rights can only change the time through the "timedate.cpl". The shield of UAC is still displayed, but the end user isnevertheless able to change the time:5.2KViews0likes2CommentsRe: Intune | Powershell Script
Hi AnuragSrivastava; Yes, thesystem context will make the script runs with admin privileges. The "Local System" account is used and this account has alwaysadmin privileges on a device. But in that case, the script will be executed in an other context as the one of the logged on user. So, if you want, for example, to uninstall an application which has been installed per-user (in the user context), you have to adapt your script accordingly.15KViews1like0CommentsProactive remediations on Windows 10 Pro
Will it be possible to use Proactive remediations on Windows 10 Pro devices in the future ? We would really appreciate to be able to use the feature, without the need to buy a Windows 10 Enterprise license. Our service can currently only running with an EMS E3 license and we don't want to force our customers to buy a more expensive license just to be able to use this really nice feature.SolvedRe: Deploy EXE as Admin
StuartK73 If your Intune package needs admin privileges to be installed, you should install it under the system context, by selecting the correct "Install behavior". If you have selected "User", the installation will run in the context of the logged-in user and the UAC will pop-up if it's activated. If am I understanding your case correctly, I assume that the user is not admin on the device...4.3KViews0likes1CommentWindows Autopilot for Surface Hub 2S
Is it planed to use WindowsAutopilot to enrollSurface Hub 2S devices? Currently, only the bulk enrollment is available. This give us too less possibility to configure such devices (eg. Wlan profile WPA2-Enterprise not supported). If yes, what is the timeline? Is there a possibility the be part of a private preview program?