Best practice for Win10 local admin user when computer offline
I have question about your best practices for organizations. Scenario: You have only Azure AD joined - Windows 10 computers, with Intune MDM management. Only one user is using Windows 10 PC device, and has local admin rights. Additional Azure AD users are deployed as local administrators to the device. There is also Bitlocker encryption and secure boot implemented. Challenge: What if user forgets the password (or user is no longer active in organization), and device goes offline (example network card driver issue), how can other users / Azure AD users, login to the device, to fix the issue on local windows? Possible solution would be to deploy always additional local windows account, with admin rights, but this always has sign-in disabled (since Intune enforces this). What do you recommend?
Unknown filter (Notes eq 'bc3e5c73-e224-4e63-9b2b-0c36784b7e80') in Intune
Hi, While working with Intune Graph API, I noticed a weird filter in the http://endpoint.microsoft.com used in their API calls. $filter:(Notes eq 'bc3e5c73-e224-4e63-9b2b-0c36784b7e80') I am trying to sort the devices in the response by their enrolledDateTime. I used the orderBy parameter in the request, but I couldn't get the desired response. $orderBy:enrolledDateTime When I used the above filter along with the orderBy parameter, the devices in the Graph API response were sorted. I couldn't find any data on the specific filter. It seems like the filter is hard coded into the website. Could you please provide any information about this filter used in the http://endpoint.microsoft.com API calls ? GET https://graph.microsoft.com/beta/deviceManagement/managedDevices Thanks. Intune_Support_Team
