Sonos app cannot find Sonos speaker when PC is Intune Managed on Domain Network

MKinOZ 31 Reputation points
2022-07-04T05:24:46.67+00:00

Hi,

We are about to roll out Intune on our devices.

We have the small but annoying problem that as soon as a Windows PC has been enrolled, the Sonos app stops finding/communicating with the Speaker ("Sorry, we can't connect to Sonos.").
Our PCs are all on the Domain Network via Ethernet, so is the Sonos speaker.
The strange thing is that if I take an enrolled PC to my home, where I have a range of Sonos speakers, the Sonos app can find those speakers.
The home network is set as "Private" network. The domain network is set as "Domain" network.

In Intune, we have the Microsoft Defender for Endpoint Baseline applied.

Any ideas?

Thanks
Jonas


4 answers

  1. Crystal-MSFT 43,996 Reputation points Microsoft Vendor
    2022-07-04T08:54:10.147+00:00

    @MKinOZ, from your description, it seems that when the Intune-managed device is in the Domain network, the Sonos speaker cannot be found, but in a Private network it is working. If there's any misunderstanding, feel free to let us know.

    To clarify our issue, please help to do the following tests:

    1. In the domain network, find a device which is not enrolled into Intune and check if the Sonos speaker can be found.
    2. Try to enroll one device without applying the Microsoft Defender for Endpoint Baseline to see if it works on it.

    Please try the above tests and if there's any update, feel free to let us know.


  2. MKinOZ 31 Reputation points
    2022-07-05T02:59:09.723+00:00

    Thanks @Crystal-MSFT, correct.

    I have added a machine and will report back when this is done.


  3. MKinOZ 31 Reputation points
    2022-07-06T00:29:16.167+00:00

    Hi @Crystal-MSFT,

    the machine has been enrolled and Sonos is now not working anymore. I have blocked onboarding of Defender for Endpoint, so it is just some policies that have been applied. I have narrowed it down to my "Endpoint Protection policy for Windows 10 devices", which was acting from before I considered going with Defender for Endpoint.

    I will probably remove this policy as it will be handled by Defender for Endpoint. However, I will still need to understand the base issue.

    I have the following settings in that policy:

    Attack Surface Reduction:
    Flag credential stealing from the Windows local security authority subsystem - Enable
    Process creation from Adobe Reader (beta) - Enable
    Office apps injecting into other processes (no exceptions) - Block
    Office apps/macros creating executable content - Block
    Office apps launching child processes - Block
    Win32 imports from Office macro code - Block
    Process creation from Office communication products (beta) - Enable
    Obfuscated js/vbs/ps/macro code - Block
    js/vbs executing payload downloaded from Internet (no exceptions) - Block
    Process creation from PSExec and WMI commands - Block
    Untrusted and unsigned processes that run from USB - Block
    Executables that don’t meet a prevalence, age, or trusted list criteria - Audit only
    Execution of executable content (exe, dll, ps, js, vbs, etc.) dropped from email (webmail/mail client) (no exceptions) - Block
    Advanced ransomware protection - Enable

    I have now added an exception for the Sonos app to try out.

    Network filtering:
    Network protection - Enable -> I now changed to Audit

    Any ideas what setting could cause the issue?


  4. MKinOZ 31 Reputation points
    2022-07-08T01:22:05.213+00:00

    @Crystal-MSFT I have been working on this, but have not yet had any success. I changed all to AUDIT, but this has not made a difference. So I took the machine off all configuration profiles, but I think this does then not change the settings on the machine. ¯(°_o)/¯
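
The last post leaves open whether changing or removing the profiles altered what the machine actually enforces; that effective state can be read locally. The script below is an added example, not part of the original thread. It uses only built-in Windows cmdlets and assumes an elevated PowerShell session on the affected PC.

```powershell
# Added example: show what Defender and the firewall are enforcing right now,
# independent of what the Intune portal says is assigned.

# Documented action codes for ASR rules and network protection.
$asrAction = @{ 0 = 'Disabled'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }
$npMode    = @{ 0 = 'Disabled'; 1 = 'Enabled (block)'; 2 = 'Audit' }

$pref = Get-MpPreference

# ASR rules: Ids and Actions are parallel arrays (rule GUID -> action code).
$ids     = @($pref.AttackSurfaceReductionRules_Ids)
$actions = @($pref.AttackSurfaceReductionRules_Actions)
$rules = for ($i = 0; $i -lt $ids.Count; $i++) {
    [pscustomobject]@{
        RuleId = $ids[$i]
        Action = $asrAction[[int]$actions[$i]]
    }
}
'--- ASR rules in effect ---'
$rules | Format-Table -AutoSize

'--- ASR exclusions (the Sonos exception should be listed here) ---'
$pref.AttackSurfaceReductionOnlyExclusions

'--- Network protection mode ---'
$npMode[[int]$pref.EnableNetworkProtection]

# Which profile (Private / DomainAuthenticated) each connection is using,
# and the firewall settings active for each profile after policy merge.
'--- Network category per interface ---'
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, Name, NetworkCategory | Format-Table -AutoSize

'--- Effective firewall profiles ---'
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object Name, Enabled, DefaultInboundAction, AllowLocalFirewallRules |
    Format-Table -AutoSize

# Recent Defender events: 1121/1122 = ASR block/audit,
# 1125/1126 = network protection audit/block.
'--- Recent ASR / network protection events ---'
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1121, 1122, 1125, 1126
} -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message | Format-List
```

Running it on the enrolled PC and on an unenrolled PC in the same domain network gives two outputs that can be compared line by line.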