AMA: Improve your security posture with Intune

I would love to see some AI functionality added to the scripts sections to suggest ways to accomplish goals. Especially around making Compliance or Remediation scripts cross-platform compatible. I can write a script in PowerShell, and then utilize AI to write a similar script in BASH or Python so that the script can be executed on Linux or MacOS. Are there any plans for this in the future? With functionality like this, you can re-tool the scripts pages to have a script for accomplishing a given task, and choose to apply it to multiple Operating Systems, rather than managing them separately for every task AND every OS.

We have windows 11 autopilot device where device guard policy is enabled in security baseline. But we also have to create a relaxed policy which doesn't enable device guard and also wants to disable core isolation code Integrity settings or any way to allow user to control it...how we can configure it?

Asking again please help! When looking in Itune Device Configuration Profile setting, you can see a conflict, When you select that conflict and click on it it gives you a setting / state and source but only shows the current policy not what other policy it's conflicting with. How can we find that conflict easily i.e EnableSmartScreenInShell [./Device/Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell] STATE Conflict in profiles SOURCE PROFILES Source Profile Modern Workplace Security Baseline v16

ADE enrolled iPhones (dynamic device group) wish to be excluded from the User grouped MAM Policy. what is the best way to achieve this ? Will Exclusion of User group help me achieve it or any other suggestion ?

MAM Android Block Print: In addition to block Printing, Is there a way we could also block the users from printing it into a PDF? (for now the users can share the PDF over Whatsapp or other unmanaged app)

MAM iOS Outlook Contact Sync: My scenario : When I exceute a User-Based Wipe for iOS BYOD , particularly testing Outlook here: The Outlook corporate data(Email) gets removed and user is logged out but the Outlook Contacts that were synced (due to the App Config Policy to Save Contacts) are left behind in the iOS Contact Address book. Ask: I want those Outlook contacts also to get removed so that when user leaves organization, he does not have access to ex-company contacts . So, How to remove the Synced Outlook contacts from Native Contact app in iOS after a Wipe is done? otherwise, without this Config Policy, is there any way that users can see the Phone number to know who is calling? Settings: App Protection Policy: Sync policy managed app data with native apps or add-ins: Allow Managed Apps App Configuration Policy, Outlook Save Contacts: Yes Allow user to change setting: Yes On iOs Phone, Outlook App Settings, Save Contacts with Corp Account is :Enabled

With two Local user group membership policies even if they are both Add (Update) currently if both are targeted to the same group will result in a conflict since this is same csp but different values. Is there a way Intune can see this and merge the polices before the csp is applied on the device. Hope this makes sense.

When looking in Itune Device Configuration Profile setting, you can see a conflict, When you select that conflict and click on it it gives you a setting / state and source but only shows the current policy not what other policy it's conflicting with. How can we find that conflict easily i.e EnableSmartScreenInShell [./Device/Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell] STATE Conflict in profiles SOURCE PROFILES Source Profile Modern Workplace Security Baseline v16

Are there any plans to merge Custom Compliance Scripts and Remediation Scripts? I prefer the functionality for affecting change of Remediation Scripts, but it'd be nice to leverage that system for defining and reporting compliance.