How to setup Desktop/laptop background wallpaper and Screen Saver via Intune from locally stored on device or SharePoint or OneDrive?
How to setup Desktop/laptop background wallpaper and Screen Saver via Intune from locally stored on device or SharePoint or OneDrive? As I don't see such option in Intune so far which is really not good way to put company details on public sites like…
Windows Defender keeps losing ASRs deployed by Intune
Hi all, for the whole last week, I have a very strange and recurring problem. Environment: Location EU0501, most devices HAADJ, some devices autopiloted entra only, Windows 10 and 11 on 22H2 or 23H2, Patchlevel 2024-02 or 2024-03 - so up to date. hybrid…
Part of this app has been blocked IIS Worker Process has tried to load Microsoft.Workflow.Compiler.exe
When launching an ASP.Net web application on a Windows 11 system with Smart App Control On, I'm getting the below toast notification. Part of this app has been blocked: IIS Worker Process has tried to load Microsoft.Workflow.Compiler.exe which doesn't…
CAA800000 / An unknown Internet error has occured (How can I fix this error to enroll the Surface Pro 8 in Intunes via Company Portal?)
Hello, I tried to connect our Device (Surface Pro 8) to Intunes via the Company Portal and this is the error that occured. Do you guys have any suggestion of how to fix this? Thank you very much in advance and feel free to ask questions for more…
Everyone locked out of tenant due to a faulty Conditional Access Policy
We have been locked out of our tenant for almost 2 weeks now due to a faulty Conditional Access policy. During this week, there have been several conversations with a number of Microsoft support technicians, none of which seemed to have an understanding…
Everyone locked out of tenant due to a faulty Conditional Access Policy
We have been locked out of our tenant for over a week now due to a faulty Conditional Access policy. During this week, there have been several conversations with a number of Microsoft support technicians, none of which seemed to have an understanding of…
Windows Hello for Business in Hybrid Environment - 'Not Applicable' Error
I am trying to deploy WHfB in a hybrid environment where devices are being managed by both SCCM and Intune. After I created Identity Protection Configuration on Intune that requires WHfB, I got an error that says "Not Applicable". Note: Since…
I have a conflict with two security baselines. I created an excluded group, but no all devices are updating.
Devices are not clearing from previous security baselines.
Are there best practice to set date & time via Intune on enrolled devices so we can make sure its setup across the fleet as we are not managing it currently and would there be any differences or issues for device patches when they are available?
Are there best practice to set date & time via Intune on enrolled devices so we can make sure its setup across the fleet as we are not managing it currently and would there be any differences or issues for device patches when they are available?
what are Microsoft security recommendation for Microsoft Entra
hello, We are setting up a Microsoft Enterprise tenant; what basic recommendations can we make to make it more secure? Like we know, we like to implement MFA,CA ,PIM ,Audit log anything apart for this specially from IAM side security. Thanks Richa
Procedure for enabling and configuring the LDAPs feature for the existing Domain Controllers globally.
I need to globally configure the LDAPS feature in over 20 on-premises Domain Controllers/Global Catalogs to support new security software integration. My existing AD Domain controllers are Windows Server 2016 with Windows Server 2016 FFL/DFL. What steps…
How to block USB devices in Mac from Intune.
Hi tried to block USB devices from Intune was creating the policy and getting the below error. MAC Usb policy .png
I have Attack surface reduction
I have create two rules in ASR in one rule i have set audit and in other rule i have set block for same configuration Block executable files from running unless they meet a prevalence, age, or trusted list criterion but when i see report from defender…
Testing Cloud PKI against Windows Web Server
I am evaluating Intune Cloud PKI solution and I want to test the certification usage with IIS build on Windows Server. The Server is not member of Active Directory, so I downloaded Root and Issuing certificates as files and imported them into the Windows…
How to implement tiering model in Microsoft Entra
Hello, Microsoft recommends the tiering model for AD that we implemented. is there any tiering model concept that Microsoft recommends for designing Microsoft Entra so we can implement it in new tenant . incase no tiering model recommended the…
Why ADMX & ADML profiles does not allow other profiles/policies to upload when some other policies are in use with any configuration profiles?
Why ADMX & ADML profiles does not allow other profiles/policies to upload when some other policies are in use with any configuration profiles? Here is what I have experienced: I had uploaded Windows.admx and Windows.adml and after that I had…
MFA Excluded accounts - still prompting for MFA registration
Hi Team, We have enabled the MFA in our organisation and we have created conditional access policy for the service accounts to exclude from MFA. We have disabled the MFA for those accounts under O365 admin > Active users> MFA when we try login…
How do I stop the twice hourly automatic attempts to fraudulently sign into my webmail account
Twice hourly automatic attempts to fraudulently sign into my Hotmail account from random IP addresses across the world. How do you to stop these ? Sooner or later I assume the brute forcing will work. The amount of notifications is annoying as well
Microsoft Defender against Palo Alto Cortex
I am tasked to compare Palo Alto Cortex solution on our existing Windows workstations against MS Defender for Endpoint. There is several articles about this and my first conclusion is, that Defender might have only small weakness against Palo Alto but I…
Sign-in logs question
Hi, I need to help to understand the sign logs in Microsft Entra admin center. I found some external user activity in sign logs. I am confused how can i know which service is accesiing. How can i verify it's only teams meeting or teams channel or…