Microsoft Defender (for Business) not showing onboarded device via Intune
I am having some real fun with Devices not being shown in Microsoft Defender (for Business) after following the necessary instructions provided by Microsoft. Devices are not showing in the Microsoft Defender portal. I have used the local onboarding scripting method and gone directly through Intune. Would there be a conflict running the two? The account being used to perform these tasks is a Global Admin (even with Security Administrator rights). In respect of Intune, the Connection service between Intune and Defender for Endpoint (EDR) is fine. I have used a preconfigured EDR policy option to onboard the device, and I have checked the registry key HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection, which states an OnboardingInfo value, indicating that a device has been onboarded to Microsoft Defender for Endpoint. I do have an issue relating to Default Device Compliance Policy - Has a compliance policy assigned and a policy issue for 'create local admin user account', but Intune is saying the device is compliant. Would these issues cause an issue, and what else should I check for?
Are you unable to open Google Chrome or any other browser?
Cause & Solution: If you are using Microsoft Intune, the Microsoft AI system may have automatically created a rule that blocks third-party browsers such as Chrome and Firefox. To resolve this, you need to deactivate or delete the automatically generated rule under Windows Configuration Policies.Microsoft multi-tenant management resource guide
Welcome to your home for all things #IntuneforMSP. Our goal is to help you grow your Microsoft Managed Service Provider (MSP) business with productivity apps, intelligent cloud services, and the world-class security of Microsoft 365 combining with the multi-tenant management capabilities of our partners. So, where to start—and where to go to take the steps after that? Right here! We’ll soon be announcing dates for a series of regular webinars, where Microsoft and our partner share expertise and insights specifically related to the world of the MSP. Until then, here are some resources to help. Follow or favorite this page as we’ll be updating it frequently with new events and new readiness materials. Jump to: Marketing and business development | Demos and tutorials | Partner resources | Microsoft communities | Select content from Microsoft MVPs In the spotlight Click the image below, to watch the Microsoft Intune multi-tenant management video with Jonathan Edwards. Marketing and business development Start here: Microsoft 365 Business Premium Partner Playbook and Readiness Series Sign up for more sales training: Level Up CSP Training: Modern Work and Business Applications Explore similar offers: Microsoft Security Partners And, if you haven’t already, sign up with the Microsoft Partner Center. Demos and tutorials Whether deploying solutions for yourself or for your customers, these resources can help you with prescriptive ‘do this next’ guidance to get you up to speed quickly. Download this guide: Enhancing Security with Microsoft 365 Business: A Hands-on, Effective Guide Follow along with the companion video: Achieve greater security and productivity with Microsoft Intune and Microsoft 365 Explore click-through interactive guides for more advanced instruction: Microsoft Intune guided demos Topics include configuring app protection policies, configuring Conditional Access, updating Windows from the cloud, configuring corporate devices, deploying and managing line of business (LOB) apps, enabling Universal Print, accessing corporate resources on personal-owned devices, setting up Windows Autopilot for new device delivery, and reducing bandwidth consumption with Delivery Optimization. Partner resources Nerdio knowledge hub Inforcer resources Microsoft communities Microsoft 365 Blog small and medium business-related posts Microsoft 365 Partner LinkedIn channel Select content from Microsoft MVPs To find an MVP near you, visit the Microsoft MVP home page. Peter Klapwijk - In The Cloud 24/7 Blog Ugur Koc - Ugur Koc Blog Andy Malone - Andy Malone on YouTube Rudy Ooms - Call4Cloud Blog Somesh Pathak - Intune IRL Blog Oktay Sari - AllThingsCloud Blog Jon Towles - Mobile Jon Blog
Android 15 - CredentialProviderPolicy not surfaced by Intune
I have been having an issue with Android 15 devices. We use Authenticator as our password autofill provider. As soon as a device is updated from Android 14 to Android 15, the password autofill provider is no longer set and the setting to change it is 'blocked by work policy.' I have already tried removing all policies that apply to the devices (device config and device compliance policies) and factory resetting them. Simply having them enrolled as corporate owned fully managed devices causes this to happen. I raised the issue in the Android Enterprise community blog. A link to that is included below. Someone on that thread found that there is a policy in Android 14/15 called the credentialproviderpolicy. When that policy is blocked or unconfigured, this behavior happens. I cannot find anywhere in Intune where I can set this policy. It seems that it is allowed by default when managing Android 14 with Intune, but not set or blocked when the device switches to Android 15. Is there any way to specifically set a policy that is not reflected in the Intune UI? This is a blocker for being able to move more phones to Android 15. Link to Android Enterprise thread: https://www.androidenterprise.community/t5/admin-discussions/android-15-cannot-set-default-password-app/m-p/8827#M2105 Thanks, TomRestrict some devices
Hi All I hope you are well. Anyway, I'm looking for some advice. We have identified some Intune enrolled, Entra ID joined devices that may be security risks (malware) and would like to restrict these devices from accessing things like M365 apps, Azure VPN etc etc. What's the best way to achieve this? Conditional Access and target a group with the devices as members? Info appreciated
Is there a way to see the current operating system version for BYO devices in Intune?
We have a mix of company managed and byo devices in our environment. On the byo side, we have both iOS and Android devices. For COMD devices, Intune shows current operating system information. For BYO devices, Intune only shows the operating system when it was enrolled and doesn't appear to update that info when the operating system version updates. Is there a report or query that would allow me to see the current operating system on BYODs?
Entra Registered vs Entra Joined
Hello All, In a workgroup environment, all devices are Entra Registered, and Intune enrollment is enabled for the group. I understand that Entra Joined devices have greater management capabilities in Intune than Entra Registered devices. Could you clarify which features or policies are not available for Entra Registered devices compared to Entra Joined by Intune? Please share any relevant Microsoft references. Thanks
Company Portal Installation Deplay/Failed
We have recently observed an issue with the deployment of the Company Portal Application. It either takes a long time to install or fails to install altogether. To address this, could you please provide the following information if available The destinations that need to be allowed via the corporate network, whether it involves the firewall or Proxy? Any specific requirements regarding SSL inspection; does it need to be disabled? The Winget command executed to install CP in the backend; does it depend on any specific version of Winget?
Intune APK Upload Error
Good morning. Since Monday 8th June I have been unable to upload a private APK within our Intune Managed PlayStore portal. When uploading the APK file it errors, "Can't publish app. Try again in a few minutes." The error message is very generic and suggests its just a system global error but it's been on going for a few days now. I have also tried uploading a previously successful APK file with the same error returned and several different browsers. Is anyone else having this issue or has any idea on how to fix or contact for support?
