Any Intune polices applicable for personal Laptops, that are not enrolled to Microsoft Intune
Hi All, I have a requirement, where i will provide the AVD machines to vendors, using that AVD machines they will access my applications, but they will use their windows machines and home internet to connect the AVD machines given by us. We cannot enroll their windows machines to the Microsoft Intune that belongs to our tenant (where the AVD services are hosted) Is there a way to ensure the windows machines used by them should need to have the basic level of hygiene (Latest OS, Antivirus and latest browser versions), before the access is granted to them to connect AVD machines? Also, if they register their windows machines as Entra ID in our tenant, without enrolling their windows machines to Microsoft Intune, what level of controls/checks that i can do in their machine level before i allow them to connect the AVD services? Please share your thoughts.
Conditional Access Policy for Exchange
Hello Everyone, Previously, our on-premises Exchange was restricted to the internal network. After configuring HMA with Exchange Online, users can now authenticate and access their mailboxes from the Internet. We aim to enforce a conditional access policy to block Exchange access from the Internet for all users except a selected group. These selected users should only access Exchange from Intune-enrolled phones. During testing, a policy blocking a user from Exchange Online also prevented access from the internal network, likely due to the HMA setup. Could you provide guidance on addressing this? Thanks.🎙️Podcast: Microsoft Ignite E03
🎙️#Podcast: Microsoft Ignite E03 I had an incredible time chatting with @liorbela.bsky.social in my latest #MSignite podcast episode, where we delved into key highlights from Microsoft Ignite 2024 and exciting developments in the Intune world #msintune Youtube: https://youtu.be/mnxHRLz3EMg?si=pab6wByZpQ2tnf5PAccess Issues due to supervised Device
Hello we have Supvised (ADE) and user affinity iOS devices in our company. The users can log on to their device via their Modern Auth and the whole thing is managed with Intune. As a company, we have access to Azure Virutell clients (Win 11) hosted by our customers. If I now want to access this virtual Azure client via my supervised iPad and the iOS AppWindows App, I receive the message: ‘Warning: incorrect configuration. The administrator wants the apps on this device to be managed via the ‘xxx’ account. [...] To access company data via the ‘yyy’ account, you must unregister your device from the company portal’ Is it possible to define exceptions in Intune so that I can log on to the virtual client with credentials other than those stored in the company portal? best regards
How to Force to Login to Company Portal for iOS
Hello We have already some iOS corporate or company managed devices. But they have not logged in to Company Portal app yet. As per this guide : We can set in User affinity , But will it work for to Already enrolled devices ? https://techcommunity.microsoft.com/blog/intunecustomersuccess/setup-assistant-with-modern-authentication-for-ade---intune-public-preview/2279061 How can we force them to login to Company Portal without Wiping it again as they have started using it. Thanks
Unable to log into Microsoft Intune - Linux Ubuntu 22.04 LTS
Hello, Having issues Logging into Microsoft Intune on a Ubuntu 22.04 LTS Box. Have installed Edge, then Intune following the Microsoft guide however I cannot Sign into Edge, I get a Something went Wrong [1001} error. When trying to sign into Microsoft Intune App, It takes you to a page in Edge for SSO. You enter your details and it tells you to install the Intune application in an endless loop. Has anyone managed to fix this?
Unable to setup Microsoft Global Secure Access
Firstly I am not getting any login prompt to login to the GSA client on any of my devices and when I navigate thru to the advanced diagnostics area and the health check area I get : ( I dont belive i am logged in ) Im not very sure if I've set it up correctly so an input on this would be much appreciated Thanks, Rhythm
Enable MFA method
Dear, Currently in our company, the authentication methods policy > Microsoft Authenticator defaults to “any”. Either “passwordless” or “Push”. It is possible to enable the following authentication method through a conditional access policy, currently it is enabled for some users. Desired authentication method: The current method is as follows: Can it be enabled for professional accounts or is it only focused on personal accounts? Thanks in advance.Conditional Access and Global Secure Access
I'm testing Entra's Global Secure Access. I have a CA policy that basically says, I can't access any cloud resources unless I'm on a compliant network. I need to sign into a device with a licensed user to connect to the GSA client. If I turn off all cloud apps, I can sign into the Edge browser just fine, which then associates my user with a license that will enable the GSA client. Here's what I really don't understand. If I target ALL cloud apps and literally exclude every cloud app available, it will not give me access. Basically, I was just trying to figure out which cloud app is blocking me from signing in, but it appears as though there is something else going on. Any help would be greatly appreciated.
App Proxy Pre-Authentication
Hi there, I just setup a NDES + SCEP on our infrastructure and all is working well so far but I was wondering If it is possible to allow only Entra Joined devices (intune managed) to it instead of Entra ID auth (user auth) or passthrough. I tried with conditionnal access policies with no luck so far. Thanks !
