MEM
17 Topics

Intune 403 error - When accessing InTune Portal
Hi Intune Community, I have two users whom I have given the Application Manager role with full access, under Tenant Admin --> MEM roles, but they are receiving the following access error when they try to reach Intune/Endpoint Manager. I read the https://techcommunity.microsoft.com/t5/microsoft-intune/401-and-403-error-when-logging-into-endpoint-admin-center/m-p/1713817#M5226 link, which does not apply to our environment, as we already have the MDM set up and running. Any thoughts/help appreciated.
Solved | 64K Views | 0 likes | 8 Comments

Intune marks Not Compliant if device does not sign in regularly, then permanently blocks the device
I'm using Intune's Conditional Access to block non-compliant devices on my O365 tenant. A problem I'm encountering is that the "Built-in Device Compliance Policy" turns Not Compliant if the device fails to log in for a long period of time. When this happens, the device gets blocked for being Not Compliant, so is unable to refresh the Built-in Device Compliance Policy that would make it compliant again. The only solution I've found is to stop enforcing CA on the user until the device is able to sign in successfully again. Then I can resume CA. This is obviously not an ideal solution. Am I the only one dealing with this?
Solved | 32K Views | 0 likes | 32 Comments

Best practice for the managed Google Play Account in Intune/MEM
Hi All, I'm looking for some advice on the best practice for setting the first step of Android enrollment in Microsoft Intune/MEM. What is the best practice for security and management when we choose the managed Google Play account for Intune/MEM? Using an AzureAD account (with or without Exchange Online licence), a Google account, or other external account? Does this account need to have access to a mailbox, and can MFA be used with this account? Thanks!
Solved | 12K Views | 0 likes | 10 Comments

SOLVED: No notifications from Teams on iOS (version 4.1.0 on iOS 15.3 with MAM)
Update: Fixed!
Issue: No notifications from Teams on iOS.
Root cause: A recent update to notification services contained a code regression that caused impact to users with the Microsoft Intune 'Block Org Data' setting enabled.
MAM (Protection): Is set to "Org data notifications -> Block org Data"

App version: 4.1.0 (100772022013102) latest from App Store (Jan 29, 2022)
Intune SDK version: 15.1.3
BundleID: com.microsoft.skype.teams
Tested iOS version: iOS 15.4 & iOS 15.3

App version (last known working): 3.22 (100772021224302) (Jan 18, 2022)
Intune SDK version: unknown
BundleID: com.microsoft.skype.teams.extshare
Tested iOS version: iOS 15.3

Notes: Confirmed that after Teams app update the notifications no longer work.

Further testing:
- App reinstall did not have any impact
- Device restart did not have any impact
- Re-authentication did not have any impact
- Notifications are enabled in Settings > Notifications > _ Teams > all default enabled
- Tested device was not on silent nor was Do Not Disturb active
- Teams Notifications settings were enabled and the in-app notifications worked

Speculation: It seems that the latest version of Teams on iOS has broken something with Notifications, the MAM policies have not changed during this period and the 3.22 version was still able to operate as expected. I am not a developer but there may be something that changed in the Notification Policy implementation?

    // IntuneMAMNotificationPolicyAllow - All notifications for the managed user should be allowed
    // IntuneMAMNotificationPolicyBlockOrgData - Only static notifications without specific details
    // should be shown for the managed user e.g. "You've got mail" or "You have a meeting".
    // IntuneMAMNotificationPolicyBlock - All notifications for the managed user should be suppressed.
    typedef NS_ENUM(NSInteger, IntuneMAMNotificationPolicy) {
        IntuneMAMNotificationPolicyAllow = 0,
        IntuneMAMNotificationPolicyBlockOrgData = 1,
        IntuneMAMNotificationPolicyBlock = 2,
    };

Workarounds: Disabling the MAM Application Protection policy Notification component, but other than that no other workarounds as far as I know.
Solved | 7.9K Views | 0 likes | 4 Comments

How to remove MDE managed devices in MEM?
Hi, I had two Windows Server VMs with MDE (Microsoft Defender for Endpoint) onboarded. For test purposes, I turned on the security settings management in MDE to let MEM deploy some security policies to them. It worked fine. I got corresponding device entries in AAD and MEM and was able to manage the VMs like other Intune managed devices. After I deleted the VMs, I found the device entries are somehow lingering. For MDE, I knew there is a data retention time, which is 30 days in my case. I waited for a month and the VMs did disappear from MDE. But I can still see them in AAD and MEM till now. I can't do anything to them in MEM, while I can temporarily delete them in AAD and see them respawn the next day. According to the doc, there is a way to solve this problem, but I can't see how: "Use Intune to manage Microsoft Defender for Endpoint Security on devices not enrolled with Microsoft Intune | Microsoft Learn". Does anyone know what "be removed from the scope of Configuration Management in the Security Center" means and how to perform it? Thanks for reading this post.
Solved | 7.4K Views | 0 likes | 2 Comments

iOS DEP enrolled devices missing Enrollment Profile (breaking dynamic group and filter logic)
Starting 31/05/2022, new iOS enrollments via Apple Business Manager Device Enrollment do not have an Enrollment Profile attribute assigned under Hardware; generally we use this attribute to define dynamic groups/filters. I have seen this on at least two different customer tenants so far. Example of a filter no longer matching a device enrollment (previous enrollments still show the correct Enrollment Profile).
Note: Testing 3 tenants, we only see two in APAC impacted so far.
Asia Pacific 0101
Asia Pacific 0201
3.2K Views | 0 likes | 6 Comments

Universal Print Intune error - Install (User) -2147418113 & -2138701812
I'm currently doing a PoC on Universal Print using a connector installed on an on-premise server 2022. I successfully installed the printers on the Connector server, registered with Azure UP (Universal Printer), shared it and began configuring Intune (MEM) to deploy on Win 10 machines. I used printer provisioning from the configuration profile catalog and put in all the required values. I targeted the profile on a group of users. The results were interesting. Two users installed the UP with no errors; 3 other users failed to install with the error message details below. I could not find any of these errors documented anywhere. I have engaged MS Support and am waiting on a solution. These errors are not documented anywhere for MEM. Here are the errors in case anyone might be able to help:
Install (User) -2147418113
Install (User) -2138701812
I have also attached a screenshot from MEM.
2.9K Views | 0 likes | 2 Comments

Enablement Packages through MEM
I just spent the last 6 weeks getting a majority of users' systems up to Windows 10 20H2. They are all hybrid joined to AAD and are enrolled in MEM (Intune). I used the Windows 10 feature update Policy to update a majority of them from 1809 and 1909. My question is: if I change the policy property in my Windows 10 Feature policy, will an enablement package be offered to my users or will they have to go through the same upgrade process it took to get them to 20H2 from 1809/1909? If they have to go through the upgrade process, would deploying an enablement package through Intune be a good option or is there a better option (MECM with a CMG)? My end goal is to keep releasing enablement packages to my users to avoid the disruption of the upgrade process to my users every year or so.
2.6K Views | 0 likes | 2 Comments