Quantcast
Channel: Microsoft Intune
Viewing all 1216 articles
Browse latest View live

Cannot renew "free" Microsoft Intune for Education subscription

February 24, 2020, 5:51 am
$
0
0
(Note: Microsoft "Support" told me to turn off "Try the new admin center" so the images show different layouts.)
When I click "extend end date", I have the option to enter a new license key or to add a credit card. I don't have a new license key to enter, but since it's already "free", I shouldn't have to buy a new subscription to get a new license key.
When I try to select "Add a payment method", I get the error message, "We are sorry. An unforeseen error has occurred. (CV: ZIE29yAwbkqyVBJm.0.9)". Googling the error produced zero helpful results. Please advise.


Search

Migrating from VMWare Workspace One to Microsoft Intune / Endpoint Manager

February 24, 2020, 3:21 pm
$
0
0

Anyone have any experience or know where to find any information on migrating from VMWare Workspace One to Microsoft Intune / Endpoint Manager?
I assume all iOS / iPadOS /. macOS Apple DEP Enrolled Devices (with DEP Profiles and Assigned to Users) in Workspace One would need wiped clean, removed from WSO MDM and Assigned to Intune MDM in Apple School / Business Manager and then re-enrolled in Intune using DEP Configuration Profiles and Assigned to Users (with Affinity or Manual). If that isnt right, please let me know
What about all created:
User / Device Profiles,
User / Device Smart Groups
Files / Actions - Product List Configurations
All downloaded VPP Apps - Need downloaded Again in Intune?
All Created Win32 Apps
All Created macOS Apps
Thanks for any information you can provide!

Microsoft 365, Intune, and Print Management

February 26, 2020, 5:58 pm
$
0
0

I'm seeing slow of opportunity to move some small clients to Microsoft 365 and ditch their on-premise server requirements. However, one of the biggest pain points is printer deployment in Intune. On a traditional Windows domain, just setup the print server role, install the printer, and deploy via GPO. However, Intune lacks a equivalent solution.

For those who have made the move to Azure AD and Intune, how have you handled printer deployment/management? I know there are third-party solutions out there like Printix, but the additional cost is hard to swallow when it seems this functionality should have already been built into Intune (at least for deploying printers, not necessarily managing print queues).

Thoughts? Suggestions?

Windows Autopilot - Hybrid Join for offsite employees.

March 2, 2020, 8:46 am
$
0
0

Good Morning!

Our IT group is looking at Windows autopilot as a no touch solution. From what I understand -

Ideally IT is looking to have a system shipped directly from the vendor to the user and have a no touch deployment that is hybird joined. From my understanding this is not possible since it seems to have to "speak" to the inhouse AD to complete setup.

Has anyone else have a similar use case? I was curious what solution are available and if Autopilot is suitable for what we are trying to do.

Thanks!

Is it possible to block keywords from login password with Intune

March 4, 2020, 2:43 am
$
0
0

Hi

Is it possible to block keywords from your windows or device login with InTune? thinks like "Welcome" or company names?

Setting up an Intune Kiosk errors

March 4, 2020, 1:30 pm
$
0
0

I am working on setting up a SIngle App Kiosk via Intune.

The process will mostly complete. It deploys the Kiosk Browser, but refuses to auto-login consistently. Every now and then it will, but with no real rhyme or reason.

I've been digging into the logs and this seems to be associated with the AssignedAccessCSP. I have read some stuff about these CSPs and it seems I need to make a change to it to fix the auto login. However, I can't seem to find a way to update these XML files.

I see that I can create a custom CSP file but i figured I would be able to use the interface to mnake this work.

I have checked the DeviceManagement-Enterprise-Diagnostics-Provider logs. And found a consistent error.

MDM ConfigurationManager: Command failure status. Configuration Source ID: (03A5CE96-029E-44FD-BF01-A0C1A0BFD886), Enrollment Name:...

Finding hybrid AD joined devices

March 6, 2020, 10:30 am
$
0
0

Ring Ring - Hello, this is the helpdesk. Yes how can I help you? My computer is acting weird.

We've all done this one. But now I'm in the hybrid Azure AD joined world. We just enabled TeamViewer and we'd like for our helpdesk staff to be able to look up information in Azure AD/Intune about the device the user is calling us about while trying to get TeamViewer connected. The only bit of information that we have is the user's name so their azure joined device must be associated with their userID, right? I can click on Azure AD users, type in their name, click on their name and their Azure AD user info page opens. There is a menu item on the left side that is labeled Devices.
Apparently in Hybrid Azure AD this Devices menu item appears to be meaningless and points to nothing - not even the hybrid Azure AD Joined device that the user is...

Intune MDM issue for certain windows builds

March 10, 2020, 3:09 am
$
0
0

When we run dsregcmd for certain windows builds we can not SSO and MDM links are missing, therefor those machines do not show MDM on the portal and we are not able to manage them.

Just wanted to know if you have seen this in your environment and what the solution would be?

Search

Microsoft Endpoint Manager - Remove Gmail accounts, install Android apps

March 10, 2020, 9:24 am
$
0
0

We support a client that has 130+ Android phones which all use the same Google account.  We no longer want these phones to use the same Google account.  Is it possible to remove the Google accounts in Microsoft Endpoint Manager?  The goal is to install and manage the Android apps and updates via the Endpoint Manager without having a google account tied to each phone.

Powershell command for Intune AutoPilot

March 10, 2020, 6:43 pm
$
0
0

Hello,

New to InTune and Powershell, please be aware.

I need to import all my students computers to AutoPilot so I can start using InTune more for rolling out programs and also reimages. I was told to use autopilot and was given this command below to use to gather info in a CSV. It fails :(

Text
"PS C:\WINDOWS\system32 Get-ADComputer -filter * -Properties *|select name, serialnumber, operationsystem, ProductID | out-file c:\temp\AutoPilot.csv"

We need to rollout a locked browser to all student computers to replace the old version.

So what I understand is I need to get info from at least the laptop OU as we are phasing out desktops one day but am not getting info required from using powershell. I have got a list of names but this is not what is required.


Thank you for assisting.

Windows Out of Box Experience error OOBEAADV10

March 22, 2020, 9:28 am
$
0
0

I have one AutoPilot provisioned machine consistently throwing error OOBEAADV10. This is supposed to be a temporary issue. Here are the basics:

- The machine is an identical model to another machine that provisioned without errors.

- I do not have physical access to the other machine to compare the settings.

- The machine is a 'whitebox' intel NUC from Logic Supply. It's fairly old and out of date but works very well. We did not want to retire it.

- The one difference from this machine is it had no serial number. For some reason it was provisioned without a system serial number. I ran Intels' Integrator Tool Kit to fix the serial number through the EFI shell (the serial number is labeled on the bottom of the machine)

- After updating the serial number, I ran get-windowsautopilotinfo to get the correct AP Info.

- The Autopilot Info file...

Company Portal - Update Device Settings - Unable to set up email on device

April 6, 2020, 10:47 am
$
0
0

So I have a test ipad that I use to fiddle with policies and test new stuff out before I put it in production.

About a month ago after a factory reset of the device and re-enrolling into MDM it says "unable to set up email on device" with a follow up note "You need to remove your work email account from your device so that is can be setup properly." 

Well.. it was factory wiped, and MDM redone that's it, there is literally NO email on this thing. I've factory wiped it a few times out of frustration and no dice.

I'm a Android guy so I might be missing something, but I've never encountered this loop on either platform.

BYOD MDM'd Devices still save copies of Corp documents to local storage.

April 6, 2020, 11:47 am
$
0
0

Anyone had luck turning off the ability to save documents pulled from business sources?

This is a cake walk with Android BYOD. But for some reason, Apple makes everything more difficult...

Here's my sandbox policy

Edit
Name
iOS/iPad Sandbox Policy
Description
For testing pre-production policy changes
Platform
iOS/iPadOS
Apps
Edit
Target to apps on all device types
No
Device types
Managed
Public apps
Acrobat Reader
Excel
Outlook
PowerPoint
Word
OneNote
Microsoft SharePoint
OneDrive
Microsoft Teams
Custom apps
--
Data protection
Edit
Prevent backups
Block
Send org data to other apps
Policy managed apps
Select apps to exempt
Default: tel;telprompt;skype;app-settings;calshow;itms;itmss;itms-apps;itms-appss;itms-services;
Save copies of org data
Block
Allow user to save copies to selected services
...

A question on Windows 10 "factory reset"

April 10, 2020, 11:03 am
$
0
0

I am doing some research into Windows/Microsoft Autopilot. One of the things that i am learning (correct me if i am wrong), is that Autopilot just uses the OS already on the machine to do its thing. Its not actually "nuking" the device like i would if i did an OSD or imaging inside my network. This, in its self, is not something i am to worried about except....One of the reasons i do imaging is to make sure that the device has a truly clean OS installed. I am wondering how Autopilot and the general "factory reset" option of Windows 10 can guarantee that the OS is clean and uncorrupted? If i have a user that ends up with a pretty toasted machine are they going to have to send it to me for the nuking option any way or maybe sending them a disk with an OS on it to format? 

Please share your thoughts.

Hybrid Active Directory to Azure Active Directory Intune enrollment

April 11, 2020, 7:39 am
$
0
0

With the corona virus sending everyone home with their local Hybrid AD joined computers I am looking for ways to enroll these computers into Intune in a Azure AD only scenario. Has anyone had experience with Hybrid Azure AD computer autoenrolling into Intune via VPN connection? We have Okta for authentication for our users tied to AD on-prem. We'd like to continue to leave the users on-prem and the computer accounts go to Azure AD. We are looking for a zero touch solution or email with a clickable link if necessary. Thanks for your assistance.

Search

How do i prevent users from enrolling windows 10 machines

April 16, 2020, 12:57 am
$
0
0

Hi all,

I need a bit of help/clarification. I am not that good with Intune yet so still learning as i go along.

We have not decided to enrol Windows 10 machines yet for the entire company but we have done a test with about 10 machines. The way we done that test is via GPO, we sync the computers to Azure AD with the AAD connector and then i have set the GPO for auto enrolment of those machines.

This seems to work but there are some devices that says ownershipPersonal that I have not synced to Azure AD via AAD Connect and I have not told to auto enrol using GPO.

How did they get there? Can I safely remove them?

I am not sure I want people to be able to enrol their own Windows 10 devices, I prefer that being controlled by IT. also to ensure they don't enrol home PC.

advice here is greatly appreciated


On prem applocker moving to intune WDAC

April 16, 2020, 6:25 am
$
0
0

I was wondering if anyone has any experience with moving Applocker to WDAC. Essentially we are moving fully to the Azure AD in the coming months. Currently we have on-prem AD using Applocker. I have it configured to allow the user to run programs that are in folders they can not write to and to NOT be able to run things in areas they can write to. Since the end users are standard users and cannot install anything into the machine they can run anything from Program Files and System folders but if they try to download self contained exe's or ones that try to install into their appdata folder like Putty or Chrome these would fail to run. To setup for those few things that do install into the appdata that need to run i use Applocker's hash or publisher certs to set those up. So with this as my mind set, i am trying to figure out how to...

Why is my option to create a new Autopilot ESP profile greyed out?

April 19, 2020, 9:42 pm
$
0
0

I'm signed in as a Global Admin of my test tenant, and I can create a new Deployment Profile for Autopilot, no problem. So far, I can do everything else that I have needed to do, in order to get Autopilot up and running (I've set up Autopilot from scratch several times, so this ain't my first rodeo), but I must be missing something here!

Also, worth noting that I cannot edit the Default ESP, either.

Thanks in advance!

Microsoft Autopilot Refresh

April 28, 2020, 8:10 am
$
0
0

I am new to AutoPilot and see an option to REFRESH. Is this as complete as AutoPilot Refresh? If not, what are the differences? Also, under Refresh it states "Retain user data for this device" If I am refreshing and reinstalling via AutoPilot Office 365, will it retain the users PST fie? If so, will it show up automatically, or do i just have to import it from the employees user files? 

I have about 50 machines I want to use it for, but all machine are remote, any suggestions on making this seamless are greatly appreciated.

Microsoft Store - Local Repository

May 3, 2020, 6:30 pm
$
0
0

Hi Guys

We would like to make apps available to students to download and access/control via the MS Store for Education.

However, we do not have bandwidth to allow students ample performance to access as they would desire.

Is there a local repository that can be kept in sync with the Education Store so that traffic can be kept off-net.

Cheers Mike

Viewing all 1216 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>