How to fix the below error through MS intune: App is blocked for your Protection

Raghavendra Prakash 0 Reputation points
2024-01-22T05:54:08.0266667+00:00

blocked for your Protection

We have a fix, which involves changing the registry value 'Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, EnableLUA' to 0 or by disabling it. However, how can I push these changes through Intune?

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,729 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,365 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Catherine Kyalo 570 Reputation points Microsoft Employee
    2024-04-02T10:40:44.47+00:00

    You can use Intune Configuration policies to push these changes to managed devices. Specifically, you can create a custom configuration policy that sets the registry value to 0 and deploy it to the targeted devices. Here are the high-level steps to create and deploy the custom configuration policy:

    1. Open the Microsoft Endpoint Manager admin center and go to Devices > Configuration profiles > Create profile.
    2. Choose Windows 10 and later as the platform.
    3. Choose Custom as the profile type.
    4. Give the profile a name and description, and then click on Settings.
    5. Click on Add > Custom OMA-URI settings.
    6. In the OMA-URI settings window, enter the following information:
    • Name: Enter a name for the setting (e.g., EnableLUA).
    • Description: Enter a description for the setting.
    • OMA-URI: Enter ./Vendor/MSFT/Policy/Config/System!EnableLUA
    • Data type: Select Integer.
    • Value: Enter 0 to disable EnableLUA.
    1. Click on OK to save the OMA-URI settings and then click on Create to create the custom policy.
    2. Assign the policy to the targeted devices or groups.

    Once the policy is applied to the targeted devices, the registry value will be updated automatically. You can verify the value using the Registry Editor on a managed device.

    Here is a link to get started -https://learn.microsoft.com/en-us/mem/intune/configuration/custom-settings-windows-10

    0 comments
  2. Walsh, Liam 36 Reputation points
    2024-04-02T13:25:49.7866667+00:00

    Instead of using Configuration Profiles, you could use "Scripts and remediations" .

    You can choose between proactive remediation scripts vs PowerShell scripts features. The proactive remediations script helps to detect and fix common support issues on a device. The Powershell scripts help to complete a specific task.

    Simple way of doing this, create a simple powershell script which changes a registry value. Choose " "Scripts and remediations" , "platform script" and upload the powershell script you created.

    0 comments