Hello Everyone!
I am trying to deploy Logmein application to the test computers via intune. Initially, when the application is installed, we are required to enroll with our credentials and add the device to Logmein. I was wondering if there is a way to auto-configure this application when deploying via intune? I was hoping to use the hostname for the device name on intune. I am very new to intune, please help.
Hello,
I'm trying to wrap the app delivered by our vendor. I'm using intune wrapping
https://docs.microsoft.com/en-us/mem/intune/developer/app-wrapper-prepare-ios
When i execute process i get following error:
Warning: WARNING: This application supports opening one or more file types, but does not have the appropriate entitlements to be supported with Intune APP.An additional provisioning profile needs to be specified using the -x command line argument. This profile must have a wildcard application-identifier or must have an application-identifier of 'domain.name.AppName.IntuneOpenInAction' and must contain at least one application group which is shared with the main application. If this profile is not specified, other Intune APP enabled applications will not be able to send files to this application
I'm looking for those appropriate...
Is it possible to install software based on a hardware vendor make or model?
we've begun having issues with Dell batteries and want to install the dell service on dell laptops but not HP or Lenovo. is it possible to install on specified machines. we don't want to have AAD groups for each model but if that's the only way, then we'll deal with that.
We are hoping to deploy the latest Citrix Workspace app using Microsft Intune.
Historically we were using the .bat provided by Citrix to deploy using GPO, so we are not sure if anyone here has used Intune to push the app.
Deployment tools for admin https://www.citrix.com/downloads/workspace-app/windows/workspace-app-for-windows-latest.htmlare simply some batch files that point at a storage location for the executable file.
Looking at this link https://www.robinhobo.com/how-to-deploy-win32-applications-with-microsoft-intune/
I was able to make a very basic .intunewin file but it seems that Intune won't accept this file!!
Has anyone tried deploying this?
Hi All
We push the installation of Microsoft Apps (Outlook, Onenote, Excel) from Microsoft's Intune DEP solution to iPads but we've found that once the apps have installed, they are very slow and unresponsive.
Has anybody else experienced this recently?
Jack
if i have a laptop set up in Tune and assigned to one user that i want to then assign that laptop to a different user. How much work does that involve ?
its being suggested to me by the vendor that the laptop would have to be re-enrolled within In-tune to change the user of that laptop and that this would take many many hours.
i have no knowledge of In-tune..but this seems a little bit around the houses.
Hi All
Last year we decided to move from mobileiron to MS Intune for our mobile fleet but because of the complexity and diversity of our company we new it would take some time, not helped by the covid issue. Things are progressing nicely but when looking around Microsoft Endpoint Manager admin center I came across Connectors and tokens - apple vpp tokens and saw the status was 'assigned to external mdm' which I realised was down to the fact we still have to keep MobileIron until we get the rest of the apple fleet moved in to intune but devices appear to be enrolling and apps getting pushed out.
we are hoping someone can let us know if thisis likely to cause us issues going forward? should we mo
Hi All
Last year we decided to move from mobileiron to MS Intune for our mobile fleet but because of the complexity and...
Just setup Intune as my MDM. Moved my Ipads from another MDM into Intune. Silly question. I have started to deploy apps to the IPADs and so far I have been selecting 'All devices' during the app deployment step. The other options are to deploy a group. I cannot see where I can add my IPADs into a Group. I keep reading that I can make a group and add devices into it. I make a group but cannot find the IPAD's to add to the group.
Essentially I want to deploy specific apps to specific IPAD's but I first need to group the IPAD's. What am I doing wrong here?
Using Intune for IPADS. Apple DEP all sorted and I can assign ipads via Apple School manager to Intune.
If I setup a profile with User Affinity the ipad will pull down the profile no problem and from there I can install apps and manage the ipad.
If I setup a profile without user affinity then the ipad tells me it is being setup for Remote Management by my Organisation but then it gets stuck on 'Awaiting Final Configuration' and does not get past that stage no matter how long I leave it. If I then change the profile back to User affinity and reset the ipad, it will run through fine.
What am i missing here to get it to work without user affinity?
I am trying to install Zoom MSI with command-line arguments on Intune. I want to enable ZoomAutoUpdate using the MSI file. The following command-line argument works on my local machine:
ZoomInstallerFull.msi /quiet /qn /norestart ZoomAutoUpdate="true"
However, when I try the same thing on Intune it completely ignores Autoupdate argument.
Here is what I attempted in the command-line arguments:
/quiet /qn /norestart ZoomAutoUpdate=true
/quiet /qn /norestart ZoomAutoUpdate="true"
ZoomAutoUpdate=true/quiet /qn /norestart
Has anyone had any issues with this? Am I doing something wrong here?
I was able to create an exe to add the following registry:
REG ADD "HKLM\SOFTWARE\Policies\Zoom\Zoom Meetings\General" /v EnableClientAutoUpdate /t REG_DWORD /d 1
This is my workaround for now.
Hello,
We use Intune AutoPilot to enroll devices.
What happens sometimes that the installation of the Apps takes to long and the laptop fals in sleep mode.
When we reactive the laptop, sometimes the installation continues without a problem. Other times the installation won't go on, and I have to reset the entire laptop to Factory Defaults.
Is there something that i'm missing or can we disable Sleep Mode during the enrollment.
Regards
Richard
Hi.
If a techie enrolls a device using Autopilot OOBE for another user they (techie) then becomes the local admin and primary user on the device,
If later the primary user is then changed will the user(techie) who enrolled the device still be local admin with the new primary user having no admin rights?
A
Hey Spicians,
I was looking to skill up and checking out content for intune when I stumbled across cloud society Fastlane. It was free and came from MS so I joined in immediately. But when I went to the discussion forum I don't see any questions asked or any discussions. Which led me to question whether these contents are old? Are these still relevant? And are their people around to answer our questions if we have one. Anyone here using it by any chance?
Goal: allow access to https://www.office.com/ only from named location
Allow access from anywhere only if device is intune compliant.
Created named location and set IP address
Policy:
Users and groups: Specified group
Cloud app: Office365 Preview
Conditions: Device platforms:Any device
Locations:Any locations, exclude: named location
Client apps: Select the client apps this policy will apply to:
Browser
Mobile apps and desktop clients
Modern authentication clients
Exchange ActiveSync clients
Other clients
Device state: Inlcude all device state,
exclude: Device Hybrid Azure AD joined
Access control:Block
Device is marked as compliant
Able to access to office365.com from edge
I have issues Only with outlook for Windows 10, unable to add email account
Sign in works for all Office applications except Outlook
Able to add email account to Built in mail app....
What can I add to a script to make it execute as another user when Azure runs the script at login?
I'm working away from on-prem AD to full Azure.
I found a solution that uses two scripts that work together to map drives.
The problem is the script that maps the drives assumes the user still has an account on the local AD. So in Intune when I set the script to run using the user's credentials it fails because that user is not in local AD. Turning this setting off is worse, as it runs LOCAL\WORKSTATION or such.
Found the scripts here. It's the closest I have come to getting this working.
https://2azure.nl/2019/09/07/create-a-drive-mapping-using-intune-on-azure-ad-joined-devices-manual/
I have a Hybrid environment with 2016 DC's
Gone through setting up Autopilot and have it working to some degree. I have not done the bit for domain join where you need to assign perms from the 2016 box connector so it can create objects within AD (thats next). Just for now I just want to get a simple Windows 10 laptop fully enrolled.
So far, I have got one of my laptops with Windows 10 on it and ran a powershell script to get the hardware ID etc. I then imported those details into Intune. I could then see the service tag of my laptop within Intune. I have applied a profile to the laptop. I then went into Settings on the laptop and told it to reset. The laptops then pulls down the settings etc and it states that it is being remotely managed.
The only thing is within
Home/Devices/Windows/Windows Enrollment
I can see my device. Profile status...
Created a SCEP configuration for Windows 10 devices in Intune. 24 hours later still showing pending. The policy was assigned to users group only.
For Subject Name I originally tried OnPrem_DistinguishedName and thought maybe that caused the issue after waiting an hour and manually syncing it on the device. This is what we use for domain joined devices but now we are rolling out Azure AD joined only so wasn't sure if Common Name would've been better.
We are beginning to experiment with deploying Microsoft InTune to Windows 10 systems on some client environments, and I'm a little confused regarding Device Configuration Policies. For example, I created a "Device restriction" policy which blocks removable storage devices. For assignments I included "InTune MDM Users" (with two test users) and excluded "Managers" (couple of administrator accounts).
In practice, when I join the system with Azure AD as a user associated with the rule, the system gets the profile assigned. However, when I sign in as a local administrator or global administrator, the rule STILL applies blocking USB flash drives. Then, oddly enough, after a reboot, I seem to get intermittent results where it will work on a local admin account and then stop working after I switch user from an included Azure account.
I...
Hi team,
We have some clients that had some work that needed to be performed on their computers, and the tech needed access to the machines and the clients gave permissions to reset their passwords. He did so using our RMM script which I believe just resets the password through a net cmd or something.
Essentially, that's broken TPM on the machines and now Windows Hello for Business is broken. The users also want to be able to sign in via SSO. I can see when running dsregcmd /status that they're not AzureAdJoined, don't have any AzureAdPrt tokens so they're not set up for SSO, and it appears they were probably just joined as part of adding the devices as a 'work device' inside of Windows settings Access work or school.
The error I'm getting when I try and do anything with Windows Pin or Windows Hello (Facial Recognition) is that it can't...
Hi all,
I am just trying to get Intune and Autopilot working at my employer, and I have the Office 365 CTR deployed using the inbuilt "Microsoft 365 Apps for Windows 10", which installs perfectly during the Autopilot phase of a new PC setup.
I have also configured a Windows Configuration Profile to configure OneDrive for Business known folder move and files on demand. The OneDrive policies definitely get applied, as when logging into Windows it automatically signs the OneDrive client in and enables the files on demand, but what doesn't work is the known folder move.
There should be a tab within the OneDrive settings called "Back up", which appears to be missing. I have done some research on why the tab might be missing and tried to reinstall the client with the latest release, and I have tried to create some missing registry entries which...