Installing Win32Apps while no console user logged on
Here is the scenario: I am currently working on a project to deploy and manage apps using only Intune. I have been packaging everything using PSADT. Now I am able to deploy full complement of apps like AutoCAD, Revit suites, etc. with success (even using Pre-Provisioning). I am using device assignment exclusively and managing the different software deployment formula using either Device Categories (or Group Tags within Autopilot Device for the pre-provisioning steps separately). Now I am reaching the point where I need to put in place the setup to maintain all this with upcoming updates and hotfixes (AutoDesk mostly). As expected, I don't want to be updating apps while the users are actively using them in production so I have been experimenting with a way to perform the software updates using a combination of Superseding strategies along with some Requirements scripts (like detecting if the acad.exe is running or not) to automate the deployment of those updates. So far I have been successful, except that at some point my users are shutting down their PCs when not using the software's (Revit, AutoCAD, etc.). As you can imagine this poses a recurrent issue for the updates... I am now experimenting with a requirement script that detects if a users is currently logged on (console session) on the device in order to allow the update to be performed. But for some reason Intune doesn't seem to be installing the software until the user logs on (even if the device is left at the CTRL+ALT+DEL screen, I even disabled the "Shutdown/Sleep" options in windows to encourage the users to NOT shutdown their machines for the updates). Obviously the user opens the update targeted software soon after logging thwarting the concept. Any idea on this ?
Autopilot enrollment via MDT
Hi all, Within our organization, we’re implementing Microsoft Endpoint Manager to manage devices like laptops. The situation is as followed: laptops are currently unmanaged and we’re trying to find a user-friendly way to enroll these laptops in MEM. Options to add a ‘Work or School account’ aren’t an option as users only have a ‘user account’ without admin rights. On the other hand, we’d like to take this opportunity to enroll a new (clean install) image with configurations and software from MEM. After installing the OS with MDT and the offline JSON profile the device boots with the expected OOBE screen, ready to enroll in MEM. After entering the credentials the device is enrolled in AAD. Based on some rules the device is added to a dynamic group that is assigned to the ESP and configurations… probably AAD detects the membership too late which returns in a half-baked configuration. We prefer to enroll without any manual interactions such as installing a provisioning package or running a PS-script from the OOBE-screen. Any suggestions so devices will get their ESP and configuration profiles that are assigned to the group as pre-provisioning isn’t an option with offline Autopilot profiles? Used resources: https://docs.microsoft.com/en-us/archive/blogs/mniehaus/speeding-up-windows-autopilot-for-existing-devices https://docs.microsoft.com/en-us/mem/autopilot/existing-devices Thanks in advance!
How to get a not assigned device in Intune (Autopilot), without HardwareHash (Existing Device)
Hello, I have a device in intune, its not assigned. Im testing it to get the device in the Autopilot Device Enrollment profile (Deployment Profiles), the mainly problem is, that the device is N/A. Is there a way to get the device in AD, without a HardwareHash? Thanks!
