Anomalies with Conditional Access Policy "Terms of Use" Failures
Hello Microsoft Community, I'm reaching out with a bit of a puzzle regarding our "Terms of Use" Conditional Access policy, and I'm eager to tap into the collective wisdom here for some insights. In our Entra ID User Sign-In logs, we've identified intermittent "failure" entries associated with the "Terms of Use" Conditional Access policy. Interestingly, even for users who had previously accepted the "Terms of Use". There appears to be no discernible impact, and they continue their tasks without interruption. This observation became apparent during the troubleshooting of unrelated Surface Hub and Edge Sync issues at some client sites. What adds to the complexity of the situation is that for the same users, both before and after these "failure" entries, the Conditional Access policy is marked as "success". Hence, it doesn't seem to be a straightforward case of the policy erroneously detecting non-acceptance of the "Terms of Use". The mystery lies in understanding why these intermittent "failure" entries occur for users who have already accepted the terms, especially when the policy consistently reports "success" for the same users. Furthermore, the Insights for the "Terms of Use" Conditional Access policy show around 1.48k successes and 1.43k failures in the last 90 days, yet there's no discernible impact on user functionality. Observations: "Failure" entries in Sign-In logs don't seem to disrupt users' day-to-day activities. The ratio of successes to failures is balanced, yet users experience no noticeable problems. The issue complicates troubleshooting efforts but doesn't significantly affect the user experience. I'm turning to the community for guidance on interpreting and resolving this discrepancy between "failure" entries in the Conditional Access policy logs and the seemingly unaffected user experience. Any insights into why these failures occur without user impact would be greatly appreciated. For additional context, I've attached screenshots of a user's Sign-In log entry and the insight chart from the Conditional Access policy. Sign-In log of a user (failure): Sign-In log of same user (success): Current Conditional Access insights: Thank you in advance for your time and assistance. I look forward to any guidance or solutions you can provide. Best regards, Leon TüpkerMonitor logical disk space through Intune
Hi All, We have a requirement to monitor low disk space, particularly on devices with less than 1GB of available space. We were considering creating a custom compliance policy, but this would lead to blocking access to company resources as soon as the device becomes non-compliant. Therefore, we were wondering if there are any other automated methods we could use to monitor the logical disk space (primarily the C drive) using Intune or Microsoft Graph. Thanks in advance, DilanSecure Score - Enable conditional access policies to block legacy authentication.
Hi all, it reports me to block legacy authentications for all users, however I have already done so by configuring conditional access; does anyone else have the same report despite the fact that we have already implemented blocking?
Secure score Drops Down temporarily due MS set exclusion attribute to system
Hello, One of client encounter problem, when secure score drops down from ~85% to 64%. Last month there was one drop. Now its repeats two days in a row. Drop encounters at 3 AM (+3h time zone) when all our exclusion attributes automatically set to System. And restores ~ 11AM same day, when attributes were automatically set back to administrator which made exclusions. This is important to us and client because we have agreement to keep secure score at 80%+.
In_Memory_PE_File which failed the dynamic code trust verification
I am trying to deploy a LoB program for a customer that have a Windows Configuration, WDA Application Control policy setup in M365. The program, High QA, has path and publisher allows in the policy, and it opens without issue. The error is encountered when you open a file inside th application, nothing loads but the Event Viewer, Code Integrity/Operational catches the following error: ...\InspectionManager.exe is trying to load In_Memory_PE_File which failed the dynamic code trust verification with error code 0xC0E9002. The policy has the Dynamic Code Security option enabled. I am hoping there is something that can be done other than turning that option off? Thanks in advance.
Wi-Fi Enterprise Profile Intune
Hi Community We plan to configure Wi-Fi (Enterprise Profile) via Intune and are currently managing Wi-Fi via GPO so i would like to inquire about any test cases or scenarios available to validate Wi-Fi settings via Intune or any recommendations. Anyone can share End User experience.New Blog Series: Unmanaged Devices
I'm happy to introduce my new blog series on unmanaged devices. In this series, I'll discuss various strategies and methods to reduce security risks and protect against the threat of unmanaged devices accessing your environment. I have written seven posts on the topic so far, which are: Enforcing Limited access with Conditional Access Enforcing Limited access with Sensitivity Labels Enforcing Limited access with Session Policies Mobile Application Management for Windows Onboarding personal mobile devices into MDE with MAM Quick Guide: How to disable personal device enrollments Secure access for external admins working from their own devices But why is this topic so important? Did you know that in 2023, nearly nine out of ten successful ransomware attacks were carried out through unmanaged devices? Also, users accessing and downloading sensitive company data onto their (unmanaged) personal devices is something to be worried about. Find all my previously published and future planned blog series posts in the following announcement post: https://myronhelgering.com/how-to-protect-your-environment-against-the-threat-of-unmanaged-devices/
Toast Notifications for When Apps Are Out of Date
Hello, My organization is trying to find a way that we can have toast notifications appear onto computers that say to the users that they have out of date apps that need updating. We are a small business, and a lot of computer's apps are not being updated, and I do not want to send an email for each user that they have out of date apps. Any help is greatly appreciated. Thank You, Max Mulvihill
