This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 54%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
Hey,
Via Intune we have created a profile that installs Microsoft Defender Application Guard on the workstations and also makes a number of settings.
Installing MDAG is no problem, but the settings "Clipboard behavior", "Clipboard content" and "Retain user-generated browser data" gives errors for all workstations
-2016281112 (Remediation failed).
All Devices are connected through "Hybrid Azure AD Join" with Intune.
Usersaccounts we used are Primary users on the relevant Devices.
Useraccounts have the following licenses associated with them:
Enterprise Mobility + Security E5
Microsoft 365 Business Standard
Microsoft Defender for Office 365
Windows 10 Enterprise E5
Do you have an idea what this could be?
Thanks in advance.
@Hardloper123 Thanks for posting in our Q&A.
For this issue, it is needed to do log analysis to find more detailed error information. With Q&A limitation, Q&A is not the best channel for such log analysis case. So we suggest to open a case to check on this. It is free. The following link describes how to open a case, we can refer to it:
https://learn.microsoft.com/en-us/mem/intune/fundamentals/get-support
Hope it will help.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 86%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EUH%3C/text%3E%3C/svg%3E)
@Hardloper123 Maybe this will help:
While using Microsoft Edge, Microsoft Defender Application Guard protects your environment from sites that aren't trusted by your organization. When users visit sites that aren't listed in your isolated network boundary, the sites open in a Hyper-V virtual browsing session. Trusted sites are defined by a network boundary, which are configured in Device Configuration. For more information, see Create a network boundary on Windows devices.
source: https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-protection-windows-10
----------
Hope the information above is helpful.
Should you have any question or concern, please feel free to let us know.
Best Regards,
Udata hua Holaind ka
If the response is helpful, please click "Accept Answer" and upvote it.
Thanks for thinking along.
I have created a ticket at Microsoft and submitted the information.
Hopefully they can help me further.
If they have a solution, you will hear from me
was this solved?
Are you using Device restriction profiles or Endpoint Security?
@Hardloper123 did you manage to solve this, I have exact same issue with intune, app guard is enabled but Intune fails. @Rahul Jindal [MVP] both Device Restrictions and endpoint security are failing.