Bitlocker configuration - Password complexity to encrypt USB storage
Hi everyone, I have created a configuration profile in Intune to prevent users from writing information to unencrypted USB storage. Doing the encryption test on a storage USB, I see that it asks you for a password. Supposedly, the password complexity…
Windows Security Center service is turned off and cannot be enabled
When I turn on my computer, it says “Enable the Windows Security Center service, Windows Security Center service is disabled, click or tap to enable. Big red X.” I clicked on it and it doesn't work, it won't start, it reports an error, what's wrong with…
Solidwork PDM View set up issue with intune
We currently have a large number of users running solidworks pdm viewer installed at the C: level. When trying to run the installer on a newer machine with intune it prevents installing at the C: level and requires an additional folder layer to be…
Intune Wrapped App Access Blocked for User – "This app has not been set up" Error
Hello, I am facing an issue where an Intune-wrapped app is showing the following error message when a user tries to access it: "App access blocked: This app has not been set up for Mohans@outsystemsDemo.onmicrosoft.com **to use. Contact your…
Evaluating Endpoint Encryption Solutions: MBAM vs Intune/SCCM
A client currently utilizes MBAM for encrypting laptops and USB drives and has a test Azure tenant along with an SCCM Lab. In the production environment, SCCM is fully responsible for managing workstation policies. A POC is being prepared to facilitate…
Securing break glass account for access from multiple geographical locations?
Based on this news announcement…
Implementing Passwordless Sign-In for Student Devices in Intune-Azure AD Environment
I’m exploring the implementation of passwordless sign-in for student devices that are already Intune-managed and Azure AD-joined, with existing passwords and Azure AD usernames. Here’s what I’d like to achieve: Best Approach: What would be the most…
Upgrade To 2403 : Microsoft Defender security configurations are no longer managed with Microsoft Intune
Hello everyone, The current version of MECM we are using is 2303. (No Hotfixes Installed). We would like to upgrade to version 2403. We read about the problem “Security configurations removed from Intune” after the…
Protecting data on BYOD devices
Hi everyone, We have sixth form students using BYOD, and we're looking for advice on how to protect data on these devices, specifically for Microsoft 365 resources. I've tested Windows app protection for Edge, but students are also accessing data through…
How secure is the Wipe function in Intune for Windows 11 devices
Hi all, I am looking to remove quite a few devices from our Intune portal as part of that process getting them back to OOBE in a cleaned state. My main concern though, is how thorough a wipe from Intune is ? On a Corporate owned device that had been…
W11 - Virus & Threat Protection
Hi, When I disable "Automatic sample submission" (see below) I receive periodic popups that the device may be vulnerable (see below), and it remains the same until I "Dismiss". Is there any workaround to NOT show this popup…
Enable MFA for cloud and disable MFA for on-premises
Hello, Within our organization, we utilize both cloud services and on-premises solutions. For example, User 1 accesses cloud-based services such as SharePoint and Exchange, while User 2 exclusively uses on-premises solutions. We are planning to…
ARM Processor with Windows 11 Home is not allowing Checkpoint SSL Network extender
We are not able to use following Application on below Microsoft Laptop. Not allowing to run : Checkpoint SSL Network extender & Checkpoint VPN on Below Laptop. Microsoft Surface Laptop 7 Copilot+PC ZGM-00080 Qualcomm Snapdragon
MFA requirement for all Admins for an External Provider
I needed your help with some clarity regarding the MFA that has to be done by 10/15/2024. I am one of the Intune Engineers at my job, This company uses OKTA for their MFA currently for the companyname.com tenant but they are saying that our Intune…
Android device - system security policy
Good morning, I am starting with deploying android devices on Intune. Mode: FULLY MANAGED the policy regarding SYSTEM SECURITY - UNLOCK MOBILE DEVICES doesn't seem to start, even though I formatted the phone. I am sure the assigned user group is…
ASR Exclusion not working for network drive
We are having trouble adding an exclusion rule to our ASR rule, specifically the rule "Block Win32 API calls from Office macros," to a location on a mapped network drive. We have set the ASR rule to Audit, and we know exclusions for local…
Intune Security Baseline firewall help?
We have devices, joined to Entra ID, and Intune. I push the following Security baselines: Windows 10 Security Baseline Windows 365 Security Baseline Defender Security Baseline They all have a Firewall section, including settings for the three…
Mandatory multifactor authentication for Azure
I received a pop up when I logged into the Azure Portal stating that I needed to setup up MFA for my Azure Portal due to the Mandatory multifactor authentication for Azure. I am a little confused as I have 'Security Defaults' enabled for a 'Microsoft…
Cant remove work or school account from personal PC
recently left an organization and my ID there was disabled. When employed there, I used my personal PC for work as well as my own stuff. Now I get frequent requests to log in to my Work or School Account. How do I remove the Work account from my personal…
Windows defender for Antivirus and Endpoint updates
Hi All, We are planning to deploy defender for endpoint for our premises, the patch management solution which we are using is Ivanti to deploy the patches to windows 10 and 11 client machines. I read from the MS article that below are the patches…