register FIDO2 security key as sign in method without the need to install Microsoft Authenticator app
Hello, Here's briefly about policies across the tenant: Enabled FIDO2 security key as sign - in method for the user under. FIDO2 is the only enabled sign-in method for this user. Disabled Windows Hello for Business using Intune configuration…
Intune baseline policies -Screen capture is block
We have started the deployment of Microsoft 365 in our organization as well as the registration of computers in Intune. We have currently deployed the "Security baseline" for Windows 10, Microsoft Defender, Microsoft 365. We have noticed that…
Edge 124 will not open external sites and will not complete SSO login due to Soverign Cloud error
Since the release of Edge 124 stable channel on 4/19/2024, any external website resolves but will not open, getting error ERR_TIMED_OUT. Another browser (Firefox) works to access external sites with no issues. Also, when logging in to Edge using SSO we…
Issues enrolling multiple devices with the same account
We created an account to enroll a few computers that are out in the shop that don't have E3 licenses since they don't use office products except for the OS. We just want to make sure these devices stay up to date. Anyway, I get computer A enrolled in…
security. microsoft.com portal shows my Defender Full Scan as "No Scan Performed"
Hi, when I look at https://security.microsoft.com/ devices, my system shows "Last Full Scan" status is "No Scan Performed", I am seeing this on most of my systems. Why are no Full Scans being performed automatically or am I missing…
SCCM software updates install behavior
What could be causing some computers to install SCCM software updates before the deadline is reached? For example, if updates are configured to be available on April 15 with a deadline of April 21, some computers may start installing updates on April 20.
Local Admin account forced to change password, after joined to Azure AD
After joining a device to Azure AD for the first time through a work or school account. Ive noticed that the local user account (who is an admin) is forced to restart their password at next sign in. I cant find anywhere in azure or intune that would be…
Windows Hello for Business in Hybrid Environment - 'Not Applicable' Error
I am trying to deploy WHfB in a hybrid environment where devices are being managed by both SCCM and Intune. After I created Identity Protection Configuration on Intune that requires WHfB, I got an error that says "Not Applicable". Note: Since…
Windows 10/11 - Langauge Settings issue - During Device Enrollment
Hello Experts, Infra : Microsoft Entra Joined Device with E3/E5 License. Device Vendor : Lenovo, Microsoft Surface Image : OEM Preinstalled Copy We Experience issue, with Selecing language or Key Board Lay out, and Would like to ask if any known scenario…
Upgrade SCCM 2207 to SCCM 2309 issue / Questions
Hi, I tried many times to upgrade my SCCM 2207 to SCCM 2309 on the Windows server 2022 , it is failing every time, because after upgrading to SCCM 2309, my MP does not running and is RED and I cannot start it and on the IIS I cannot see some entries like…
Edge 124 - Cannot access to website due to ERR_SSL_PROTOCOL_ERROR or ERR_CONNECTION_CLOSED
Hi Team, Since the release of Edge 124, our users have been unable to access the website due to ERR_CONNECTION_CLOSED or ERR_SSL_PROTOCOL_ERROR. After searching, we knew it could be figured out by disabling the TLS 1.3 hybridized Kyber support setting…
how can i launch sharepoint URL in edge browser directly from android app via intent.
As per the requirement from client they need to launch the sharepoint url inside edge browser directly from android app. they are suggesting to use this. "microsoft-edge:http://www.yoursharepointsite.com" but i could see that this will not…
Which server does an MS AOVPN client contact first for connection, the VPN or the NPS(radius)
I am a bit confused about the order in whih the VPN and the NPS servers work together. A client machine managed in Intune is set up with a VPN profile (user tunnel) to connect to Azure/Entra Conditonal access CA, It then downloads the 1 hour certificate…
Installation of SCCM Reporting Service Point role over SQL AOAG
Dear Team, Does SQL AOAG support installation of SCCM Reporting Services point role with listener details? Or can we install the reporting services point without SQL AOAG and then later configure AOAG? Would that break anything with SCCM to SQL…
Authenticator mobile app not linking with work account
My Microsoft authenticator mobile app on my Android device is unable to get any notifications of logging into my work account to Microsoft Teams on my windows 11 laptop. I've tried almost everything I can fathom, but everything has been in vain. Please…
How to integrate Microsoft RADIUS server with conditional access policy
Can someone assist me in this please? Our company has an existing Microsoft RADIUS Server to identify if it is corporate device before it can access to corporate network. Now, we would like to integrate Microsoft RADIUS Server with Conditional access…
How to Import\Export SCCM Application Deployments? Is there a PowerShell command available?
I am trying to get an SCCM Application Deployments properties using PowerShell command. I am trying to export and import these properties from one environment to another. For Application we have the commands to do so like "Export-CMApplication"…
Pushing lock screen background to user machines from Intune
Hi everyone, I am trying to push an image to all Azure joined PCs from Intune. I have the policy set, but keep getting errors. The path is correct C:\folder\image.jpg. I used the Settings Catalog in the configuration profiles when I created it. These are…
Office 365 Deployment Efficiency: Intune Strategies
Hi Expert, I have deployed Visio, Access, Project, and Publisher (O365) in my environment using SCCM. These packages are working perfectly fine individually and installing as expected. I have also created these packages in Intune, but there is an issue…
sccm pxe booting not working directly from NICs but works from an anker dock
Hi! One of my clints is unable to pxe boot directly from computers, however, can pxe boot those same computers when attached to an anker dock. SMSpxe.log presents the boot image and TS deployment, finds the MP, however, on the computer to be imaged…