Event banner
Event details
Joe_LurieThanks for the follow-up and Jason_Sandys , thanks for providing a deep insight and information.
- Heather_Poulsen
Community Manager
Thanks for joining today’s “Cloud native with Microsoft Intune” AMA at Microsoft Technical Takeoff. We’ll leave the Q&A open through Friday so keep your comments and questions coming! Up next: Secure helpdesk support using Intune Remote Help
I see customers struggle with the network requirements of Autopilot and Intune. Especially seeing that some of the endpoints are missing on the official MEM Microsoft JSON file.
Is there anything planned to improve this?
- Jason_Sandys
Microsoft
To my knowledge, we have no knowledge or feedback of anything being missing from the official documentation on this. Happy to take feedback on this though to validate and work on adding it to the docs.
I was surprised when my Networking team reported access to India when Autopilot devices went through provisioning in Canada :) . I (and Sec) expected NA endpoints only...
Will there be an easier way to troubleshoot Autopilot enrollment errors? Right now, my method is to dive into the IME logs on the affected device and I have to keep a timeline of what happened at what timestamp.
- Pearl-Angeles
Thanks for your participation in today's AMA! For reference, the panelists covered your topic around 24:58.
You might be interested in a community tool from MVP Petri Paavola that can help you with a nice insight that collects data from IME logs and shows it in a HTML overview page and logviewer
https://github.com/petripaavola/Get-IntuneManagementExtensionDiagnostics
Tons of good updated on Intune.
For some management tasks we still depend on Scripts.
Q: Will 'Filters' be introduced to 'Platform scripts' when assigning to devices?
'Remediations' support 'Filters' but 'Platform scripts' currently don't which hinders excluding or including certain groups of devices through custom filters.- Pearl-Angeles
We appreciate your feedback and question! The panelists covered this topic around 20:14.
I would like to provide feedback regarding Intune policies in general. Could we incorporate graphics or images into the documentation to illustrate which policies apply to specific Windows settings?
Recently, I was trying to change the Start menu personalization but couldn't find a clear setting in Intune.
Going through documentation without any visuals can sometimes feel like a dry read. Adding another dimension, such as images, would really help in understanding which policy corresponds to which Windows setting.
- Pearl-Angeles
Thanks for your feedback! For reference, the panelists covered this topic around 28:59 of today's session.
Thanks for answering the question. Yes, there's a small bubble next to every setting, but again, some settings do not specify which actual setting in Windows will be affected.
For example, the setting "Disable Advertising ID"—the bubble indicates that it "Enables or disables the Advertising ID. The most restricted value is 0." However, it doesn’t clearly specify which setting in Windows will be impacted or where it applies. (If I'm not mistaken, this policy corresponds to Windows Settings → Privacy & Security → General → "Let apps show me personalized ads by using my advertising ID.")
The end goal here should be to make it easier for end users to identify which Windows setting or option will be affected by a specific policy. We can agree that the documentation is extensive, and at times, narrowing down a specific policy for a setting can be a daunting task.
Including a graphical representation of the affected Windows setting in the documentation could be much more convenient, as it would provide a clear answer on exactly which setting will be modified when a policy is applied.
Just my two cents—would love to hear your thoughts on this!
Cheers!!
- Joe_Lurie
KaranS340 Thanks for the insights. We typically include links to our docs pages for more info where we can't give enough detail in the (i) information box. I loke the idea of a graphic. Could you please go to aka.ms/IntuneFeedback and leave that feedback there, or in the Intune admin center, use the "send a smiley" to add feedback directly on the page (Windows Configuration profile).
Thanks!
What is the best path to get devices currently Ad Joined to Cloud base enrolled and no longer require AD joined?
- Jason_Sandys
+1 to the comments from AlexandreI1340 and SkipToTheEndpoint.
Lots of good doucmentation on this at the following:
https://aka.ms/EntraJoin-WhichOption
reset - either Autopilot or Provisioning profile, or complete reimage.
The only supported path from a domain joined device to cloud native one is to reset the device and have it come back up through Autopilot. The best way to achieve this is usually through device attrition, replacements, new starters etc.
Have been fully "cloud native" for a couple of years now and seen huge improvments. We are looking now to move MacOS devices into intune from Jamf. All MacOS devices are shared/without user afinity, will we see the ability to deploy Available apps any time soon? currently can only deploy via CP as required.
- Joe_Lurie
Ali11CH You should be able to deploy macOS apps as "Available for enrolled devices". See How to add macOS line-of-business apps to Microsoft Intune | Microsoft Learn for more info.
For those that have on-prem domain names the same as their M365 tenant domain, is it advisable to enable Cloud Kerberos trust?
Entra-joined devices with Device-cert based pre-logon VPN. Can device write-back be a solution? (since devices are not in AD by default).
- Pearl-Angeles
Thanks for participating in today's AMA! For reference, the panelists covered this topic around 22:20.
