Azure Friday
384 Topics

NEW Podcast Microsoft Ignite E04: AI & Copilot – The Biggest Talk at MSIgnite!
Podcast Microsoft Ignite E04: AI & Copilot – The Biggest Talk at MSIgnite! AI is transforming the way we work, and Copilot is leading the charge! To break it all down and get expert insights, I’m joined by Jannik Reinhard and Fabio Bonolo to discuss:
- Key AI takeaways from Microsoft Ignite
- How companies & admins can benefit
- The future of AI-powered productivity
Youtube: https://youtu.be/uD5V5a2Ldqg?si=u3R8fSndeW6wCruI
31 Views, 0 likes, 0 Comments

Discrepancy Between Intune Endpoint Security Reports and Defender Portal
Hello, I am experiencing an issue with discrepancies in device onboarding reports between Microsoft Intune's Endpoint Security section and the Microsoft Defender portal. My devices are onboarded in Microsoft Defender for Endpoint (MDE) through Intune. However, in Intune’s Endpoint Security section, the report does not reflect the correct onboarding status for these devices. This causes inconsistencies in security reporting and compliance monitoring. I have verified that devices are properly onboarded in Defender, but Intune does not seem to update the status accordingly. Has anyone encountered this issue before? Are there any known solutions or troubleshooting steps to force Intune to sync the correct onboarding status? Any guidance would be greatly appreciated. Thank you!
72 Views, 1 like, 2 Comments

Entra: Lock screen help.
Hi guys, I need some assistance with Entra regarding the lock screen images. We had a previous lock screen which displayed the company logo and users were not allowed to change the lock screen. We needed it to be disabled and I deleted the script as well as the policy for the lock screen to try and remove it. However, this hasn't worked: the lock screen is still displaying on all devices, and users cannot change the lock screen. I do not want to perform a reset, because we have so many machines. Any advice on how to enable the users to edit the lock screen again or load a new policy will be highly appreciated.
What I have tried:
- Removing registry key for lock screen. (Key just pops up after restart)
- Loading a new script (Fails to load, no reason given, I suspect because it conflicts with old one)
- Disconnecting from Entra and trying to edit the lock screen.
Thanks.
30 Views, 0 likes, 1 Comment

🎙️Podcast: Microsoft Ignite E03
🎙️#Podcast: Microsoft Ignite E03 I had an incredible time chatting with @liorbela.bsky.social in my latest #MSignite podcast episode, where we delved into key highlights from Microsoft Ignite 2024 and exciting developments in the Intune world #msintune
Youtube: https://youtu.be/mnxHRLz3EMg?si=pab6wByZpQ2tnf5P
7 Views, 0 likes, 0 Comments

Conditional Access Policy Loop with Edge on BYOD Devices – Need Help!
Body: Hello Tech Community, I’m facing an issue with an Azure AD Conditional Access Policy that seems to be causing a loop when users access Office 365 resources using Microsoft Edge on Windows 11 24H2 BYOD devices. Here’s the scenario:
Problem: The policy is titled "Require App Protection Policy for Edge on Windows for All Users when Browser and Non-Compliant-v1.0" and continuously prompts users to switch profiles in Edge. These devices are BYOD and intentionally excluded from full Intune management (non-compliant by design). However, Edge repeatedly requests authentication or profile switching, creating a frustrating experience.
Policy Details:
- Applies to: Windows devices using browsers (primarily Edge).
- Excludes: Compliant devices or those with trustType = ServerAD.
- Includes: Office 365 applications.
- Excludes Groups: Certain groups that should bypass the policy.
What I’ve Tried:
- Verified device compliance status in Azure AD and Intune.
- Checked Azure AD Sign-In Logs for errors or repetitive authentications.
- Cleared Edge browser cache and cookies.
- Ensured Edge is configured to use Windows sign-in information.
- Adjusted the App Protection Policy settings for Edge.
Questions:
- Could this be an issue with how Edge handles profile authentication in Conditional Access scenarios?
- How can I ensure that BYOD devices remain excluded from full Intune management but still work seamlessly with this policy?
- Are there specific adjustments I can make to the Conditional Access or App Protection Policy to avoid these loops?
Additional Context: My goal is to secure access using App Protection Policies (MAM) for BYOD scenarios without requiring full device enrollment in Intune. Any insights, suggestions, or similar experiences would be greatly appreciated! Thank you in advance for your help!
134 Views, 1 like, 1 Comment

🎙️Podcast: Microsoft Ignite E03
🎙️#Podcast: Microsoft Ignite E03 I had an incredible time chatting with @liorbela.bsky.social in my latest #MSignite podcast episode, where we delved into key highlights from Microsoft Ignite 2024 and exciting developments in the Intune world #msintune
Youtube: https://youtu.be/mnxHRLz3EMg?si=pab6wByZpQ2tnf5P
24 Views, 0 likes, 0 Comments

Troubleshooting Azure Function App Proxy with Private Blob Container Access for Static Web App
Recently, I shared a problem I’m facing in my testing environment with a friend. I’ve decided to bring this issue to an open forum discussion to gather additional insights. I hope you can help me figure out what might be missing in my configuration.
**Context:** I’m trying to replicate a solution in my test environment but encountering difficulties in a specific scenario.
**Scenario:** I have a Function App acting as a proxy for a Static Web App hosted in a Blob Container. This Blob Container is set to private access, meaning public access is disabled.
**The Problem:** The goal is for my Function App to authorize users and direct them correctly to the Static Web App. However, it’s not working as expected.
**What I’ve tried so far:**
1. Configured Managed Identity for the Function App and granted the necessary permissions to the Blob Container.
2. Properly set up authentication and created the App Registration, which works flawlessly.
3. Verified that the proxy functions correctly when the Blob Container’s public access is enabled.
**Current behavior:**
- When public access to the Blob Container is enabled, everything works fine.
- When public access is disabled, even with the proxy configured, access fails, and an error message "resource not found" is returned.
**My questions are:**
1. Do I need to configure something additional in the proxy definition file?
2. Is there a specific setting, like a private endpoint or something similar, that I should implement to resolve this issue?
**Additional considerations:** I haven’t configured a private endpoint yet, but I’m considering whether this would be the most appropriate solution for my case. My initial expectation was that granting the necessary permissions to the Function App via Managed Identity would solve the issue, but it hasn’t. I appreciate any guidance or suggestions you can provide!
81 Views, 0 likes, 1 Comment

The issue with Windows Updates for Business via Intune: Incorrect Reporting and Update Failures
Hello, I am using Intune to manage Windows Updates for Business, but I am facing two issues:
- The update reports I receive are incorrect—they don’t reflect the actual update status of my devices.
- Some of my devices are not updating correctly.
I want to understand if having a valid Windows license for each device is a requirement for successful updates and accurate reporting through Intune. Could someone clarify this and provide guidance on resolving the issues with reporting and updates?
87 Views, 0 likes, 1 Comment