Intune: Firewall Rules Policies
Hello I want to apply an Intune Firewall policy so that only certain applications connect to the internet and the rest are blocked. To secure the connection of these computers to Intune, what application/ports do I need to add to the firewall rules so…
How to configure Azure and Entra ID logs into Log Analytics for Kusto Query?
Hi All, I need some help and suggestions to configure Azure and Entra ID logs into Log Analytics for Kusto Query. What are the procedures and what is the cost involved? Thanks.
How to deploy this Exploit protection policy and how it works across M365 tenant and devices?
How to deploy this Exploit protection policy and how it works across M365 tenant and devices? As I can see it requires the script but really not sure which script is needed and how to build from the below link?…
User pin locked
Hp laptop windows user login pin failed as security options have been changed no reset password option
How to Block only USB mass storage device from Intune
Hello There, I want to block only USB pen drive and other storage devices only from Intune. but the same time i want to access my other USB devices like keyboard, mouse, headphones etc. Please help! Thank You. Kind Regards, Pradeep
Sentinel - KQL for High tags
Hi All, Need your suggestion and support please We have Defender for endpoint, VIP devices are tagged as HIGH value assets under "Device Value" settings. Now i want to run advanced hunting queries which pulls "High" tagged devices…
Microsoft Azure and 365 security logs retention?
How far back or how long does Microsoft keep the logs that the Kusto QL may query from this website https://security.microsoft.com/v2/advanced-hunting?
How to Force MDE device management ( instead of configuration manager) for Windows Server
Hi, We are trying to managed Windows server 2016 and 2019 using the MDE /Intune policies. The status for Device managemnt is showing the status managed by 'config mgr' ( should be changed to managed by MDE) Settings for 'Use MDE to enforce…
Windows catalogue app(Win32)
Hi I cannot see Windows catalogue app(Win32) while adding application
Which admin role should be added or provided to a user/admin account which would be used to provide admin privilege's while doing admin tasks on Autopilot and Entra ID joined devices on remote session by Helpdesk admin?
Which admin role should be added or provided to a user/admin account which would be used to provide admin privilege's while doing admin tasks on Autopilot and Entra ID joined devices on remote session by Helpdesk admin? For Example: User needs to…
ASR policy deployment status not getting updated
I have configured an ASR policy of type - "Windows 10, Windows 11, and Windows Server (ConfigMgr)" The policy is successfully deployed the endpoint: SCCM shows the deployment is successful: The Overview shows that the policy is deployed to 1…
Possible to block just Screen Recording but not Screenshots?
Previously, when enabling the blocking of screen capturing for iOS devices, and then setting a group to exclude that. Users in the group to be included could not screen capture or screen record. While users in the exclude group, could screen capture, but…
How to enable Intune capabilities for Remote assistance
How do I activate the Intune features for remote support? For this functionality, what license do I need to add or buy? Is there any trial or way to test it before? I would appreciate any advice and assistance.
Smart Card Token Not detecting
Hi, One of user has reported an issue where he is not able to use the smart card token on the corporate device. The token is used to access Unified Patent Court Patent Management system. We have tested the token on a vanilla / non-managed PCs and it's…
Managing user and Windows 10/11 computer not joined to AD domain with Intune?
I need some advice on best practices and the steps involved in utilizing Intune to onboard and register a user with a Windows 10 or 11 OS PC. These are remote users with M365 E3 and M365 F3 licences assigned who are not connected to my on-premise AD…
How to Protection conditional based access for azure portal, to allow to access only for fixed IPs
How to Protection conditional based access for azure portal, to allow to access only for fixed IPs
Modern Workplace - Microsoft 365 - Compile
Hi I am trying to compile what an IT consultant/ Advisor needs to know in a Modern Workplace in Microsoft 365: Include: Office 365 SharePoint/OneDrive for Business Power Apps Security: Security Microsoft Defender for Endpoint - Best Practices …
How to block/disable "Control panel" and other settings on Windows devices via Intune so that end users should not be able to make any changes on devices?
How to block/disable "Control panel" and other settings on Windows devices via Intune so that end users should not be able to make any changes on devices?
How to export Autopilot devices from Intune or Entra ID which shows its part of Autopilot with separate column in report as I am not able to see it in Intune and Entra ID as well?
How to export Autopilot devices from Intune or Entra ID which shows its part of Autopilot with separate column in report as I am not able to see it in Intune and Entra ID as well? See below snap from Intune which does not show it.
Microsoft Defender for endpoint integration with Intune
Hi, the connection status inside Intune under Microsoft Defender for Endpoint is Unavailable. But when checked in Microsoft 365 Defender portal, under Settings > Advanced Features > Microsoft Intune connection is set to ON. How to make Microsoft…