EPM Service Account Breaks User Context In Apps
Hi, I am working with a customer who is wanting to make use of EPM for their developer team to run some applications with elevated permissions. They have noticed that when elevating certain applications with EPM that a service account is used (see MEM\AzureAD_AdeleVance_$ below), which therefore runs the app with a new user profile, removing things like user preferences, context and also breaks some apps that rely on domain permissions/credentials. From my testing, this service account only seems to be used by EPM when elevating already installed applications, not application installers. Is this by design and is there a possible workaround that avoids EPM using this service account?Solved1.4KViews0likes5CommentsRestrict Outlook ClientApp with Single Tenant or Specific Domain
Dear All, We have Corporate Windows devices which is managed by Intune MDM and want to block outlook client to configure only specific domain id or tenant. means other than specific domain or tenant user not able to configure or add additional account in outlook.722Views0likes0CommentsGIA - 2.0 - Get Intune Assignments
GIA - Get Intune Assignments Hello everyone I just released a new version from my App. Release GIA v2.0 - Get Intune Assignments · sibranda/GetIntuneAssignments (github.com) It's a C#.NET application developed for Intune to query MS Graph Information from Intune Assignments who target the Azure Ad Groups. You can export the data to CSV file if you wish. In this new version you can get information from the following types of assignments: Adm Templates; Applications; App Config Policies; Autopilot Configurations (new on 2.0); App Protection; Conditional Access; Compliance Policies; Configuration Profiles; Settings Catalog; Endpoint Security Policies; Enrollment Restrictions (new on 2.0); iOS App Provisioning (new on 2.0); Policy Sets; PowerShell Scripts; Proactive Remediations (new on 2.0). All this from a Graphic Interface with just a few clicks. Release GIA v2.0 - Get Intune Assignments · sibranda/GetIntuneAssignments (github.com) Please send me any feedback you want. This can help me to fix bugs and make better solutions to help everyone.1.4KViews0likes0CommentsMicrosoft Endpoint - Windows Selfdeploy / Autodeploy devices questions
Hi guys, I hope someone can help me with some questions about Microsoft endpoint/intune. I have some questions about Windows Autodeploy/selfdeploy devices 1. Can I install MS Office on such devices so that different users can work with that? (or is there a restriction from microsoft that such devices are not allowed to run office on?) 2. How do you guys keep track on the licensing of such devices when you have multiple on different locations? After the docs that I read, you just have to keep an intune license for every selfdeploy windows device, but you dont assign that license to the device, correct? Thank you very much1.9KViews0likes4CommentsMobile Device Management With InTune Questions
The company I work for have in the last month, migrated their on-premise email to 365 email services. Relatively small company with just over 100 employees. For desktop and laptops, we have an internal domain, which is used for device authentication and vpn. Every 90 days our AD policy requires users to reset their password. For pc and laptop users, both local and remote, because their kit has been added to our domain, the password change isn't too much of a problem. However for mobile users, on android and iOS devices, using a mix of outlook app and built in email app, changing password becomes quite a manual fair, especially since some have multiple mobile devices (iPad, iPhone etc) The password change date causes frequent account lockouts because the 365 domain controller also replicates with our internal domain controller, and when users for example change their password on their desktop pc, account locks quickly happened when they haven't manually changed their mobile device password! One caveat is that we dont currently have the option / service to allow users to reset their password via the web / 365 Our circumstances covered, would InTune be the logical solution. Prices? Presume there our options for both managed devices and byod ? Posting here, as had been waiting in the telephone queue for some time!2KViews0likes1CommentConfigure Apple Business Manager with Intune
Hi Team, I have a Intune Deployment for Windows and MacOS. I need Mac administration in Apple Business Manager for to control some MacOS options. The procedure is create a TXT record in DNS zone, the record is "apple-domain-verification=AQL0VzkzefmdypNS" When add DNS recordsends me a message that will replace the SPF TXT recordv=spf1 include:spf.protection.outlook.com -all This is correct? Any idea? Thanks,Solved2KViews0likes1CommentTwo MDM Solutions with One Office 365 Tenant
We have a requirement to use two different MDM solution with one Office 365 tenant because of user experienceissues. Can we use two MDM solution e.g. MobileIron and Intune with one tenant? If yes, what are the gotchas we should be aware of? Any pointers will be appreciated. Thanks!4KViews0likes1CommentConfigure mobile Chrome app with protection policy
Hi, I'm currently trying to implement app protection policies for iOS with the Google Chrome browser as managed app but I can't get the to receive company owned data. I configured an app protection policy with certain MS apps and tried to implement Chrome as customized app (with string: com.google.chrome.ios) and also configured a configuration policy for chrome with the IntuneMAMUPN string, but still I can't send data from a company managed app like Outlook to Chrome? Does anyone know this issue? Is it even possible to set Chrome on mobile devices as company managed app? Thanks and Regards.6KViews0likes2CommentsMDM / Intune planning
Good Day, I am looking into implementing MDM or Intune in 2021 to manage my 20 Andriod and iOS devices and maybe, later on, manage around 30 Windows 10 laptops. Which would be the best option? I read about a year ago that Intune has issues managing either Andriod or iOS devices in some way but can't find any information anymore. Has anyone set up either MDM or intune in a small environment and what issue should I be looking out for. Thanks2.8KViews1like1CommentMicrosoft365 device management not showing all company devices
Hi all, our company has 3 locations spread over the world and we are using Office365 / Azure / SP and CRM since years now. When I navigate tohttps://devicemanagement.portal.azure.com/known as the Microsoft365 Device Management I can see only 4 devices. Going to Azure AD Admin Center > All Devices I can see all 32 devices within the company but I am not able to manage them remotly because they have no MDM assigned. What do I need to do to enroll all company devices? Many thanks 🙂 Kind Regards Christian19KViews0likes7Comments