User Profile
Orion-Skol
Brass Contributor
Joined Dec 31, 2019
User Widgets
Recent Discussions
help need to create Dynamic Distribution group in exchange online office 365
folks, I have created Dynamic security group with this parameters query: (user.objectId -ne null) and (user.userType -eq "Member") and (user.DisplayName -notContains "Archive") and (user.employeeId -ne null) like to replicate with Dynamic Distribution group. User must have mailbox user must have employeeID Specific Office (there is office properties in recipients). this is so far what i have New-DynamicDistributionGroup "DDG_AllEmployees" -RecipientFilter {((RecipientType -eq 'UserMailbox') -and -not (UserAccountControl -eq "AccountDisabled, NormalAccount"))} Any help, thanks in advance1.3KViews0likes3CommentsRe: Intune auto MDM enrollment for devices already Azure AD joined?
i was in same situation. But dig more on schedule with intune. found following command and added some parameters. All my devices are in Intune now. here is the command i ran c:\windows\system32\deviceenroller.exe /c /AutoEnrollMDM not sure if this works for you guys, but give it try50KViews1like0Commentscreate dynamic distribution group in exchange online office 365
Folks, I am able to create dynamic security group in azure as below requirements. - with all users - user type should be Member - excludes displayname XYZ - User should employeeid. My syntax is below: (user.objectId -ne null) and (user.userType -eq "Member") and (user.DisplayName -notContains "xyz") and (user.employeeId -ne null). I know how to create Dynamic Distribution Group in exchange, but i am looking for above criteria how to create specific group as listed above in exchange office 365? any help thx in advance3.8KViews0likes3CommentsRe: After AutoPilot, devices showing Require BitLocker Not Compliant
you guys were right. I thought for surface all drivers and firmware updates from windows updates and windows were all update to date. but apparently not. so I had download drivers (msi file from Microsoft). Installed on 3 different models and they are all showing complaint... So now I have created dynamic model groups in AAD, created apps for all models drivers, assigned to groups... seems like working great.... Thanks for all help...5.4KViews1like0CommentsRe: After AutoPilot, devices showing Require BitLocker Not Compliant
PKlapwijk that was first thing i checked. as i mentioned when i ran manage-bde -status it is showing percentage encrypted 100%, used spac only encrypted, XTS-AES 128 Swaminathan_Arumugam Just volume c drive5.4KViews0likes0CommentsAfter AutoPilot, devices showing Require BitLocker Not Compliant
Windows 1909 (OS Build: 18363.900). Surface Book 2 No config Manager. All Azure AD. No on premise servers.. folks, when autopilot done and user login, device in Intune showing Require BitLocker Not Compliant Its been overnight, when i checked manage-bde status it is showing: Disk volumes that can be protected with BitLocker Drive Encryption: Volume C: [Local Disk] [OS Volume] Size: 952.72 GB BitLocker Version: 2.0 Conversion Status: Used Space Only Encrypted Percentage Encrypted: 100.0% Encryption Method: XTS-AES 128 Protection Status: Protection On Lock Status: Unlocked Identification Field: Unknown Key Protectors: Numerical Password TPM its been over 15 hours, but still non-compliant. Any thoughts \ suggestion?Solved5.8KViews0likes8Comments- 7.4KViews0likes3Comments
Re: start menu xml through AutoPilot, no option to Pin To Start for any apps
Swaminathan_Arumugam thanks for your reply. I did tried "OnlySpecifiedGroups" in xml file. it works fine and was able to Pin To Start. The issue would be now, user can't add to existing group in StartMenu as shown below.4.3KViews0likes1Commentstart menu xml through AutoPilot, no option to Pin To Start for any apps
folks, Trying to setup or aligned start menu icon through xml file, it install and icons looks good, but user can't add icon anymore. Option to Pin to start is not available. attach is the xml file. Picture above showing if user right click, there is no option to Pin To Start (any apps).. thanks4.5KViews0likes3CommentsRe: Enroll existing Azure AD Joined W10 Devices into Intune
Thijs Lecomte I see big failure here if MS won't change this. This would be lack of security and compliance of many companies especially with financial companies. I think i would suggest my company to look for 3rd party MDM solution...good luck everyone.26KViews1like1CommentRe: Enroll existing Azure AD Joined W10 Devices into Intune
Thijs Lecomte This is the reason i had mentioned above that Intune enrollment is unprofessional and not acceptable. How many corporates will give users to local admin rights to enroll Intune? If your corporate does, good luck with compliance and Auditors. Why not create right click on endpoint.microsoft.com on devices and select to enroll MDM device? or with powershell? otherwise it is total Failure...26KViews1like7CommentsRe: Enroll existing Azure AD Joined W10 Devices into Intune
Thijs Lecomte we can't give every user to admin permission, My auditor will yell at me and i don't think any corporation will be able to give local admin rights to users. So enrollment would failed here.. Can a separate user account with local admin (not a login user)enroll this while user (non admin) login26KViews0likes9Comments
Recent Blog Articles
No content to show