Role of BitLocker Drive Encryption in Device Migration.
Hi Team, I have a device that is hybrid-joined and co-managed. The system drives are encrypted using BitLocker and the recovery key is stored in Entra. The device is being migrated from one domain to another using a third-party tool called ForensIT User…
Can't create Quick Access configuration - Global Secure Access
When creating Quick Access configuration in Quick Access | Create Quick Access configuration I get: Network access settings Application operation failed. no further information is provided in the error. I do have a connector set up correctly and on in…
How would I go about setting up CA for our environment, so that MFA isn't required?
So I have been made aware that MS is forcing MFA on their tenants. Now I am still inexperienced when it comes to MS Cloud, Azure and Entra. Now we have a few different tenants and an on-prem environment. Now while we are getting our users on it we will…
Intune - Always On VPN Custom Policy Profile deployment
We can't use the built-in Intune based profile deployment, since we are using forced tunneling, and have to use exclusion routes. Therefore we must use the custom ProfileXML based method. Does anyone have experience with this method, and what is the best…
Security Baseline for Azure and Office 365
Hi collegues. Is there any security baseline in Azure and Office 365 we could use from Microsoft as an starting point to secure a Tenant in an initial and advanced way? Thanks. Regards
Security requirements to be considered for Microsoft Data Migration
What specific security requirements should be considered in case of Microsoft O365 and Azure Data Migration between tenants. Is there any specific checklist from Microsoft which can be considered as an initial starting point? Thanks. Regards.
How to upgrade Windows 10 Pro and Enterprise OS to Windows 11 Pro or enterprise via Intune policy? What are the steps and things we need to prepare before doing that?
How to upgrade Windows 10 Pro and Enterprise OS to Windows 11 Pro or enterprise via Intune policy? What are the steps and things we need to prepare before doing that?
Are incorrectly enrolled devices able to be queried in Advanced Hunting?
Hi, I am using Advanced Hunting to perform some auditing. I expected some devices to return results, but they are not; and the number of results when I search for all devices is way lower than expected for my queries. After checking the different IDs, I…
Block mobile phones when connected to a device as Removable Storage
Hi all, I'm trying to block all USB removable media connected to my company's laptops to about security breaches. I'm able to block USB pendrives and external hard drives, but If a connect a mobile phone (Android) to a laptop and set the connection to…
Allow Scanning Network Files
Hello, Could you please explain how the “Allow Scanning Network Files” policy functions within the Intune portal, specifically under Endpoint Security > Antivirus? Does enabling this policy mean that Defender will scan network-mapped drives? Thank you…
Automatically onboard devices from intune to defender
Hello, From the Intune portal under “Endpoint Security,” I have set the Microsoft Defender for Endpoint client configuration to “Auto” from the connector. If I am not mistaken, this is supposed to automatically onboard or offboard devices from Intune to…
Defender for Endpont - Device Isolation via API
Hello All, I am trying to craft an script to isolate device via powershell. I have created Enterprise app, i have assigned to that app permission (as delegated - i do not want to use it as application) Machine.Isolate and granted consent. Script…
How to disable Copilot in Microsoft Edge via Intune policy or any other way?
How to disable Copilot in Microsoft Edge via Intune policy or any other way? See below snap which we see in Microsoft Edge browser
Windows Defender keeps losing ASRs deployed by Intune
Hi all, for the whole last week, I have a very strange and recurring problem. Environment: Location EU0501, most devices HAADJ, some devices autopiloted entra only, Windows 10 and 11 on 22H2 or 23H2, Patchlevel 2024-02 or 2024-03 - so up to date. hybrid…
How can I deploy App Installer via Intune as app or package on Windows 11 devices so MS Teams would be installed on each devices as currently Teams is not being deployed on them because App Installer is not being auto updated or installed and MS Teams nee
How can I deploy App Installer via Intune as app or package on Windows 11 devices so MS Teams would be installed on each devices as currently Teams is not being deployed on them because App Installer is not being auto updated or installed and MS Teams…
Enable Bitlocker with Intune on already encrypted devices
Hello, many devices already use Bitlocker. However, they are manually encrypted and the recovery keys are lost. I would like to enable Bitlocker in my organization via Intune policy. But I don’t understand what the behavior of devices will be if the…
BitLocker not working automatically
I have been using the same silent BitLocker encryption settings on most tenants I set up with no issues. I have a Entra Hybrid Joined tenant that was using AirWatch as thier MDM which controlled BitLocker. Once the device was removed from BitLocker,…
FortiGate with EntraID
Hello! Would it be possible to implement the scenario below? Example: When a user logs into the machine, appears in the FortiGate Firewall and then adds an SSO with DL groups? But this whole scenario with Entra ID. We know it is possible with Active…
shared settings : Number of days until partner is unresponsive
Hello, I hope this message finds you well. I am seeking clarification on the “Shared settings: Number of days until partner is unresponsive” option found under Endpoint Security > Microsoft Defender for Endpoint. Specifically, I would like to…
Need to restore a device record recently deleted from intune
Greetings Internet Hive Mind. iI have quite a conundrum on my hands. I recently had a user leave my company who took it upon himself to wipe his hard drive on the way out. Attempts to recover the data have all failed. Following the IT protocol I…