I need a secure and easy way to pull files from remote users on network and via Intune. This problem keeps coming up and rather then having to bother the user, global admins need to remotely connect to file explorer and pull a log file in various situations. It is not critical for this to work via Intune as the majority of the laptops we need to do this for are in an office and on domain.. but knowing how to do it via Intune would be great since we will eventually be moving all devices to it.
I looked into PSTools and see that I need to enable firewall rules for some ports and some services via GPO. After testing it, I see that I have to enable file and print sharing firewall rules too. A further test showed that attack surface rules need to be modified... that is where I draw the line. What is everyone doing to securely allow this functionality?
Thanks