Event banner
Event details
35 Comments
- Heather_Poulsen
Community Manager
Thanks for joining Office Hours today! Please visit https://aka.ms/Windows/OfficeHours to save the date for future episodes.
- We are looking to deploy Android Enterprise devices in Endpoint manager. If it matters, we will be using Kiosk mode for multiple applications. Is there something to help track devices if they are lost?
- Joe_Lurie
Microsoft
HI reastman1966, does this help? Find lost devices with Microsoft Intune | Microsoft Learn
- Azure/Microsoft 365 Is there a way to separate personal users from system users? When I want a list of actual employees in our organization, I also get a lot system-users. How tell them apart?
- Heather_Poulsen
According to this article, you can run a series of cmdlets to connect to Azure AD, MSonline, and Exchange Online then run a script to create a CSV file with a list of users, and filter that list to exclude system users, rooms, etc. If you need to know which human users are licensed or unlicensed, you can use PowerShell.
Are questions only limited to Windows 11 and device management or can other questions be posted (Teams, M365 environment)? Or are there other events like this specifically for Teams questions?
- +1 - would also be interested if there are other similar events for the other systems please 🙂
- Joe_Lurie
Hi HeyHey16K and Brad-CMI, thanks for joining us today! Each team at Microsoft is separate so it's up to each team to host this. I'm glad you're enjoying the Windows and Intune Office Hours that we host!
I recommend going to the Teams community page and posting a suggestion there: https://techcommunity.microsoft.com/t5/microsoft-teams/bd-p/MicrosoftTeams
And then do the same for some of the other communities.
- Do you know yet when Intune managed multi-app kiosk mode will be available on W11 please?
- Joe_Lurie
Thanks for the question, HeyHey16K. We are in the process of updating our docs to state that multi-app kiosk is indeed supported on Windows 11 and can be configured via Intune. This is something that can be configured using a kiosk configuration script and OMA-URI settings in Intune. See Peter's blog on how to configure this: Configuring multi-app kiosk mode on Windows 11 – All about Microsoft Intune (petervanderwoude.nl)
Thank you Joe 🙂 - so it will not be natively managed on W11 via Intune (using Intune's Kiosk template profiles/policies) like it is on W10?
- In Windows Security > Device Security > Core Isolation on Windows 11 (Memory Integrity and Kernel-Mode Hardware-enforced Stack protection) - if the computer has been in-place upgraded from W10 to 11 often this will not enable due to problem drivers. Is there a central way to manage/rectify these problem drivers please?
David_GuyerHi Michelle, It will depend on whether those drivers are available on Windows Update. If they are, you can use the Drivers policy to approve those drivers to update on the device. If they are not, there isn't a central way to do this. The alternative option is to download the drivers and deploy them as Win32 applications in the Apps blade in Intune. Not great, which is why we built the Drivers policy, though Drivers policy can only deploy drivers available on Windows Update. HTH, -David- Thank you David :). Is there a central way to identify which computers MI/KMSESP aren't enabled on due to driver issues and which drivers are an issue on each device please? On ours so far, it's been different drivers on each device, so we unfortunately cannot mass deploy one driver to fix all 😞
- In Microsoft 365 Multifactor Authentication, I would like to have the option to filter on users who are not enabled. With hundreds of users, it is not easy to sort this manually. It takes a lot of time
- Joe_Lurie
Hello AsbjornSkeie, thanks for the question. This is outside the scope of the people on this Office Hours, but you can likely find this information in the User registration details report in Entra ID (formerly Azure AD).
Entra ID > Security > Authentication Methods > User registration details
- Microsoft Azure - Is there a way to create temporary users with end date? This is a need for temporary employees, students and others. To avoid users having access to systems for longer than agreed
- These types of users usually have an internal sponsor. So, would an access review help?
- Jason_SandysHi Asbjørn. There is no built-in construct for expiring user accounts or temporary user accounts in Entra ID. You can however build automation using Azure Automation, Entra ID Governance, or Identity Lifecycle Management. See https://learn.microsoft.com/en-us/entra/id-governance/identity-governance-overview and https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/automate-onboarding-amp-offboarding-tasks-with-microsoft-entra/ba-p/3871801l.
- What's the best approach to enable pre-release builds for devices managed by Autopatch? Changing the release in the default or customized policy causes a policy error.
- David_GuyerAutopatch release management isn't ready yet to support pre-release builds. I would recommend assigning those devices you want to enable for pre-release builds to separate Update Rings policies from Autopatch. HTH -DG
When browsing to bing.com on Windows 11, Edge and AOVPN we sometimes get error "error on line 1 at column 1: Document is empty Below is a rendering of the page up to the first error". (see https://answers.microsoft.com/en-us/bing/forum/all/i-cant-access-bing-at-all-because-of-this-error/30b1249d-9dcd-4c9a-81ee-5d21a0d0c8ac for detail), which is hampering our encouragement of the business use of Bing Chat Enterprise. Is there a solution to this please?
- KevinMineweaser_MSFTThanks Michelle, We have seen several reports on this issue, however it appears that there's not been enough data to assess if it's environmental or a bug. If you are able to reproduce the issue I'd ask you to open a suppose case or file a bug with Feedback Hub for further investigation. Thanks for the feedback! -Kevin
- Thank you Kevin :) Unfortunately it is not possible to force it to happen, it's very hit and miss. I know from previous tickets we've logged with MS support they're not keen on those type of issues, but happy to log it if you think it would help?
We know we're not alone because many other people are reporting it.
