User Profile
RobdeRoos
Iron Contributor
Joined Apr 12, 2019
User Widgets
Recent Discussions
Re: Have an Edge question that wasn't answered during an Ignite ATE session? Post it here!
MissyQ My question got awnsered but wasn't totaly clear. The question was: Something I mis in Edge in combination with MAM on a private unmanaged Windows device. (So MAM without enrollment) is that every site opened under a logged on (AAD) Edge profile isn't protected (the suitcase icon does not apear). A website should be added in the MAM profile, but if that is done the website is always protected even if you open in in a different Edge user profile and logged on with other credentials than your corporate credentials. It is pretty difficult to explain it here without seeing it in action. I will rebuild it in my lab and see if I can get a more clear view of what I experienced. It could be more intuitive in my opinion.3.4KViews0likes0CommentsRe: Simple method to run logon / recurring scripts in Intune!
Make sure you place a shortcut to the script in the startup folder. I made a scriot with AutoIt and compiled that to an exe. The exe I place somewhere in program files ans the shortcuts to it lands in the startupfolder.88KViews1like2CommentsRe: Device Compliance
AJRoy I can imagine this would solve the system account issue because the policy isn't applied to the system account. But what if, on a shared device, 1 user breaks compliance and another user logs on before remediation can me done for that one user? I recon the device would still be marked as non compliant even though the second user is marked as compliant again. That is the issue I have ran into in the past. I believe what MS states is not the solution to the issue but a workarround.10KViews0likes6CommentsRe: Device Compliance
SamTeerlinck In many cases customers of ours have allready Intune implemented or partialy implemented. If I would be building an enviroment based on user assignment it would also impact devices that are allready in use by users. Another case where I don't want user assignments is when we have a customer that has BYOD devices. Those devices are personaly owned and most of the times policies for BYOD and corporate owned devices will deffer from eachother. A third example is development users versus "standard" users. But in that case it's not the policies that we don't want to target to users but just the applications.\ As long as we can't exclude devices on policies that are assigned to users, I need to have policies applied to devices most of the time.13KViews0likes0CommentsRe: Best practice for Win10 local admin user when computer offline
hkusulja When a device gets transferred from one user to another I reccomend you do a wipe/reset of the device. That way the new user will become the primary user of the device. For the password issue, add a password reset option to the logon screen by adding the following custom policy: Name: Windows 10 Password Reset Description: Add Password Reset to Windows 10 Logon OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Authentication/AllowAadPasswordReset Data Type: Integer Value: 1 In my opinion a local account isn't needed. I use Intune a lot of years now and never had to cope with an issue where users couldn't logon to their devices.7.8KViews0likes8CommentsRe: Privacy Settings not Suppressed during AutoPilot OOBE (1903)
derekliu No I haven't used the offline way yet. But in my opinion the autopilot profile that gets assigned to the devices is 100% the same. So when a device gets to OOBE and the profile gets assigned it should work the same way. Could it be that you have an older Windows 10 build?4.9KViews0likes0CommentsRe: Device Compliance
In my opinion there is a major!! flaw in compliance reporting by Intune. The problem we encounter with shared devices forced us to completely disable all compliancy checks for those devices. The situation: User 1: logs on to the device User 1: marks the device as not compliant for whatever reason User 1: Logs of from the device before remediation could be started User 2: Logs on to the device User 2: The device gets remediated User 2: tries to open a resource that requires a compliant device and is denied access because the device is NOT compliant The only solution is... let User 1 sign in again and remediate the device under User 1.... In my opinion this is absolutely unacceptable.... The solution is called DEVICE compliance. So how the beep is it possible that the DEVICE wont be set to compliant when a different user logs on to the device and remediates the issue that marked the device to be non compliant..... For another customer of ours, an admin needed to logon to a users device and marked that device as non compliant. Result was the user wasn't able to access resources that required a compliant device. Especialy with shared devices we cannot trust the Device Compliance solution the way it works now. This is a huge issue in a world where compliancy is one of the key components to secure access to resources.26KViews3likes1Comment
Recent Blog Articles
No content to show