Intune Password Policy Precedence
Hi All Having difficulty trying to figure out the following I have created a password policy on Intune for my MDM device (windows 10 pro) However, i notice that the more restrictive policies always take precedence. For example Local machine has policy to expire user password every 5 days. On Intune the policy for password expiration is set to 10 days. Local machine password expiration policy will take effect. Likewise for option such as password length. I will like to ask if i) is that the expected behavior? ii) is there anyway to force intune created policies onto the local device? Thanks in advance! Jimmy
Minimum password length " -2016281112 (Remediation failed)"
Hi all, I'm trying to set minimum password length with Intune. Before, this didn't work at all, because, quoting from Microsoft: If DevicePasswordEnabled is set to 0 (device password is enabled), then the following policies are set: MinDevicePasswordLength is set to 4 MinDevicePasswordComplexCharacters is set to 1 Basically if I used any Intune password policy, it would be set to 4. However now, suddenly i see this working. In MDM diagnostics, I have; DeviceLock DevicePasswordEnabled 0 DeviceLock MinDevicePasswordLength 14 However, some devices get " -2016281112 (Remediation failed)" ERROR CODE 0x87d1fde8. I have two Azure AD joined Intune devices. One succeeds and the other fails. Both 1809 .437: 1) One succeeds and gets MinDevicePasswordLength=14 while DevicePassWordEnabled =0 (enabled), which shouldn't be possible according to the docs, but it is what I want. 2) The other gets error and sets MinDevicePasswordLength=4 while DevicePasswordEnabled =0 (enabled), as expected by the docs. What's going on? Thanks