User Profile
rossonero
Copper Contributor
Joined 6 years ago
User Widgets
Recent Discussions
Google play store private App - update app - sync to Intune
So intune I have a google play store private app synced to intune. Installation works fine for that app. Now I go to appstore and I upload a new version of the app (just updating exisiting app) Upload in android backend works fine, but how to trigger an update to intune ? . As far I can read update happens every 8 hour, but is there a way manual to trigger an update ?3KViews0likes1CommentOnedrive for Mac - Log - last successfull sync
On Mac (running latest Sonoma) I looking for a way to find log files that shows latest successfull sync time. In older mac versions there in the onedrive folder was a .dat file that had entries on last sync times. But in Sonoma the version of onedrive seems to have changed, and the dat file is not there anymore. I guess somewhere the sync information must be stored if sync has run or not - but cannot find it Hopefully there is some onedrive mac experts who can help3.2KViews0likes2CommentsEdge - app protection policy
I have a App protection policy (also created in conditional access), where issues appear when adding Edge. Without adding Edge to app protection policies, I can open edge - and there is a message that edge is not part of any protection policy, which is correct When I add edge to app protection policy, it start up with "checking app" and then edge just close. If I try and open edge one more time, it just closes right away (without even "checking app" appear) I have tried on several devices, and it is the same issue. So what must be done to to get edge working with app protection policy. I tried for test just create an default app configuration policy with edge - but still same2.5KViews0likes6CommentsIntune - assignement of apps - Android
We enroll android devices with work profile. So we enroll a android device and there is a seperate "work" area with a google play store app. Inside this google play store app in work area, we would like to place apps as teams, outlook, excel etc - so people can go in there and download them if needed to their work area If I scope Outlook for Android to "all users" or "all devices" as "available"- and go into the google play store app inside work area it does not appear. If I instead "require" the install it will auto install on devices Is there no way to make them only "available", so users can download them on their own if they need them. Think if we just default install them, users will say why do install these apps as some maybe only need outlook, while other needs Teams etc.Device compliant in intune - but on device rapported as non compliant
We have one device, that really seems strange. A Iphone 11 (BYOD) is enrolled in Intune. In Intune the device is marked as compliant and everything OK. If we open company portal on the device it rapport that the device is not managed, and ask to enroll it - which is of course not possible, as it it already enrolled. We of course tried to remove the device in intune, remove the management profile, restart etc - but everytime the same things happen. After successfully enrolled and the device looks fine in intune - but on the device it keep saying that it is not compliant. We have conditional access requiring device to be compliant to access office 365 - and also in the error logs in conditional access of the user, it state the error that device is not mdm enrolled - and again, Intune rapport it compliant in the backend One thing that I notice - When I enroll a device in Intune, the device typically appear in endpoint under "devices" - and also a entry in "portal.azure.com" under devices. But for this device when enrolling, the device only appear in endpoint and not in portal.azure.com. That at least seems strange for me,Re: Intune App Protection Policies (The apps on this device are already managed)
Do we have any microsoft case number on this issue - so I can give that as reference ?. yes- for us it is a Team problem, nothing with outlook. Have downloaded latest Outlook and teams app etc - nothing changes6.8KViews0likes6CommentsMCAS - Mac - certificate
So I use Cloud app security with conditional access on mac, where I supply root certificate and client then select the User certificate in the system keychain. Works fine mostly But often I see on running clients like using Outlook or teams app that MCAS suddenly prompt to select certificate. There is only one certificate installed, so certificate is selected and then MCAS shows that access is blocked. If I restart the app and login again, it typcically works again - or in worst cases have to restart the Mac fully. How can that be and it is an on-off problem, that happens randomly to clients1.5KViews0likes1CommentCloud app security certificate
So I setup cloud app security thorugh this guide https://chrisonsecurity.net/2021/06/24/conditional-access-using-certificates/ I am using mac and testet on machine where it first time ask for certificate for entering outlook. So work as it should Do I however, go in afterwards and remove the certificates, I am afterwards still able to access outlook - also even I wait several hours. Should MCAS go in and block if the certificate is missing or is it only first time ?- because then it is not usable for us as we then cannot block devices if needed2.7KViews0likes1CommentEnrollment - teams room
We have a Poly X30 android based teams meeting room. There is a build in company portal and it ask for enrollment. The issue is that the account that is used with enrollment is also the account that is automatically signed into teams. So A DEM account cannot be used, as each Teams meeting room device, has to use it own sign-in So what is the best practise, as we usually require MFARe: No user affinity - conditional access
rossonero Can see that my devices with a system account fails the compliance, so also fails the conditional access. So how can I either add those devices to a compliance policy - or how can I exclude them? I could easily make a device group, but this will not work as exclusion in Conditional access, as it must be user based. And the user "system account" is not a azure account, so wondering what can be done. Guess that also non-user devices, should be able to be verified with compliance ?6.7KViews0likes1CommentNo user affinity - conditional access
I have a conditional policy that require the device to be compliant. But I have devices that have no user affinity so there is no compliance evaluted. Will they still fit in under compliance, so the CA policy don´t kick them out as they don´t have any compliance evaluated?7.2KViews0likes9CommentsRe: Azure dynamic group
Think I now what the issue now is. When I check in the dynamic group the name of the device and which OS it shows fx 12.5.1. If I look up the same device name in intune it rapport a different phone and latest OS. So somehow it is also all the retired devices that the user had before that the dynamic group rapports.2.5KViews0likes1Comment
Recent Blog Articles
No content to show