Microsoft Store-App (Legacy) - Url for Endpoint Manager
Hello Everyone, can anybody tell me, where i can find the "Appstore-Url" for every app within the MS App Store. In the past you were able to find it under the headliner "Developer and IT" --> Endpoint Manager. The link should look something like this: I want to deploy some apps via Microsoft Store-App (legacy) Thanks a lot!Intune Fresh start Windows not loading
Hello everyone, One of our company devices is currently unable to load Windows. I'm looking to perform a fresh start via Intune, but due to Windows failing to load, this isn't feasible at the moment. As we're operating remotely, I attempted to guide my colleague through a Windows recovery process. We tried a local recovery, but unfortunately, it was unsuccessful. Cloud recovery isn't an option either because she lacks a LAN cable and can't connect to the internet. Is our only viable solution to manually reinstall Windows?
Move Hybrid Azure AD Devices to Intune
Hello, we have already a lot of devices on our azure active directory (AD) registered. We want move them to Intune / Autopilot without generating hardware hashes. Is it possible? To move existing Azure AD Devices to the Microsoft Intune Center? And how we can solve this problem? Thanks a lot Best Regards NY
Shared Device / Encryption and Admin
I am deploying a few machines as shared devices as described here: https://learn.microsoft.com/en-us/mem/intune/configuration/shared-user-device-settings Can anyone help me clarify if I can deploy a Bitlocker configuration profile to these devices, as they will only be operated by standard users? I'm also wondering what the best practice is for local admin rights. For just a couple of machines I have software that won't deploy nicely so was wondering how to do a local install on the machines? I also have something that needs elevated rights when run as a standard user. This is not my field of expertise and I'm struggling to find answers online, so perhaps I'm asking the wrong questions! Grateful for any guidance!Intune 403 error - When accessing InTune Portal
Hi Intune Community, I have two users who I have given them the Application Manager role with full access, under Tenant Admin --> MEM roles but they are receiving following access error when they try to reach Intune/Endpoint Manager: I read https://techcommunity.microsoft.com/t5/microsoft-intune/401-and-403-error-when-logging-into-endpoint-admin-center/m-p/1713817#M5226 link, which does not apply to our environment. As we already have the MDM set-up and running. Any thoughts/help appreciated.
Uninstall application that was installed as a Win32 intune.win application
I used an application called Actual Installer Free/Trial to package a link to our company SharePoint online with a custom icon image for our team to access an excel file easily with the link. I used Exe to Msi Free to convert the created .exe to a .msi so the intunewin application will actually package it. The detection rule works properly and the application installs with the successful install. I now need to uninstall it so I can change the link as for some reason the original link no longer works. Don't even ask about doing an upgrade because I have no idea how to do that. Sure I would love to know how to use PowerShell for all of this. But I don't learn via videos. Or really by speaking to me. Show me. Don't tell me. I learn by reading a complete guide on every step and then do it myself over and over again. Is there anyone that can help me with this? Side Note Why did Microsoft have to make so many things with absolutely no step by step guides?manage Interactive logon & Windows Hello multi-factor unlock
Hi everyone, We're going step by step on the passwordless strategy from Microsoft. Windows Hello multi-factor unlock is deployed in a Pilot Group but now I have two questions, which I hope someone here can answer. Question 1: disable Windows Hello multi-factor unlock Managed to enable WHMFU over custom OMA-URI Settings. But how can I disable it again? I tried it with a second custom OMA-URI Settings configuration profile which is configured as follows: It works, but it seems, that it isn't disabled correctly. Sometimes I still get a message in the logon process which says something like "additional factor needs to verify" but it displays very quickly, and I verified that I can log on with only one factor again. Disabling the second unlock factor is configured like this as well. Question 2: Enable "Interactive logon: Require Windows Hello for Business or smart card" We want to enable this security option. However, Intune doesn't offer to manage this setting. So, I think that I must enable this over a custom OMA-URI Setting too or PowerShell script. How can I achieve this? Thanks so much for any support ❤️
Storing bitlocker recovery password in AD/Azure AD for Removable drives
Hello We have applied Bitlocker through Intune for OS, and Fixed drives for enrolled devices. Recovery passwords are saved on Azure AD/AD. We have a requirement to apply the same for Removable drives, Subset of the settings are there in Intune, but it seems that we can't save the recovery password for removable drives on AD/Azure AD. As shown below, those settings are not supported in MDM. can we apply the setting by custom OMA-URIs ?
Enroll Existing Azure AD Joined Machines to Intune
Hello Community, We have an environment with 1500 Devices consisting around 1000 Devices which are already Azure AD Joined & around 500 Devices which are Hybrid AAD joined connected to local AD. We want to onboard All devices to Endpoint Manager however we are unable to find a way to Bulk enroll devices to Intune. Our requirements are: Enroll Existing Azure AD joined device to Intune without User Interaction in Bulk or through some automated approach. (We do not want to manually enter Creds to enroll neither want to reset AADJ) Enroll Local AD joined devices in bulk without renaming the Computer Name as the Windows PPKG is forcing to rename the devices. How can we keep existing device name while enrolling. (We are aware of GPO Approach but did not tested it yet hence unaware of any Cons of using it) What we have Tried so far and our expectations? Created a Windows Provisioning Package but it does nothing on an Existing AADJ Machine except renaming its computer name. We do not want to perform Manual "Enroll Only in Device Management" Step but tested it and it does Enroll Device as Personal Device and not corporate. Provisioning package works well on a non-AADJ machine and enrolls the machine. We cannot disconnect AADJ or Reset Devices. We do not want our users to have local admin rights. (Optional) We would like to have current logged on user mentioned as Primary user in endpoint manager. (Optional) Do not want to use Provisioning package on Local Join Machine as it will rename them. (Optional) Tested some scripts but no success. Deep link do not work. Our Machines are not Managed through SCCM but we do have RMM Service in the environment which can deploy Apps and Packages on the devices. At the end our Motive is to enroll AADJ devices to Intune so we can start managing them, the enrollment process should not be a pain for our users or hampering their workflow. (We can ignore Optional requirement if its not possible to achieve ) Looking forward for some valuable suggestions! Thank you!Unknown filter (Notes eq 'bc3e5c73-e224-4e63-9b2b-0c36784b7e80') in Intune
Hi, While working with Intune Graph API, I noticed a weird filter in the http://endpoint.microsoft.com used in their API calls. $filter:(Notes eq 'bc3e5c73-e224-4e63-9b2b-0c36784b7e80') I am trying to sort the devices in the response by their enrolledDateTime. I used the orderBy parameter in the request, but I couldn't get the desired response. $orderBy:enrolledDateTime When I used the above filter along with the orderBy parameter, the devices in the Graph API response were sorted. I couldn't find any data on the specific filter. It seems like the filter is hard coded into the website. Could you please provide any information about this filter used in the http://endpoint.microsoft.com API calls ? GET https://graph.microsoft.com/beta/deviceManagement/managedDevices Thanks. Intune_Support_Team
