Microsoft Intune Security

Device Still showing up as Exposed in Secure Score

Looking at my secure score in Security Blade (MS 365 Defender), I notice that I have a lot of recommendation's which are showing a device I retired a while ago, still showing up as an 'exposed device' in said recommendation's. Any idea how I clear this…

WDAC File Exclusions Not Working

Hi Everyone, I've been playing with this for the past two weeks and have a good grip on the way it differs from AppLocker. I have come across an issue during testing with Connectwise Control when an on-demand support session is created and a PC with WDAC…

BitLocker status "Waiting on activation" on HP ProBook 440 G5 laptops.

Hi All,   Since +/- Friday 07-July-2023 we started noticing (so it might have started earlier) that only our HP ProBook 440 G5 laptops no longer automatically enabled BitLocker after it was installed with a new image (and because of that, they will not…

HAADJ LAPS wont backup to AAD

I am trying to setup a new Windows LAPS configuration for devices that were Autopilot HAADJ. Following MS documentation https://video2.skills-academy.com/en-us/windows-server/identity/laps/laps-scenarios-azure-active-directory AAD has the "Enable Azure…

Security best practice in publishing a static file for global file (wallpapers and other files) deployment worldwide with Intune?

People, I need some help and suggestion in selecting a secure publicly accessible location for my file deployment like Wallpapers for example. When I put the file into my existing Azure Storage account with the hot tier let's say…

Microsoft Defender Indicator Rules

Hello, I created two indicator rules in the security center (security.microsoft.com) based on the file hash. I set the indicator action to allow but it still triggers events and e-mails. Should i create a addiontal alert supression regarding this file…

How to setup kiosk device on Windows machine? What are ways to do it with single and multiple apps on kiosk device?

How to setup kiosk device on Windows machine? What are ways to do it with single and multiple apps on kiosk device?

Is there any reference to default Microsoft Defender Antivirus Policy using Intune / Endpoint Manager?

Is there any knowledge base that provides default / Microsoft recommended setting for antivirus (Microsoft Defender Antivirus) policy in endpoint manager / intune?

Attack Surface Reduction\Defender - Not Blocking .EXE

I have an interesting situation where an unsigned .EXE is being allowed to run even though everything I know about my setup seems to indicate it should be blocked. The .EXE is an in-house developed, unsigned .EXE. That is why I'm using it to test this…

ASR Rule blocks Outlook Add-In

Hello there We've deployed ASR Rules via Sec. Basline for our customer. We've also installed an Outlook Plug-in (officeatwork) for managing Signatures in Outlook. On one device the ASR-Rule blocks the Outlook Add-In via "msedgewebview2.exe". On…

Easy way to enroll a MacOS device to MS defender 365

I am looking for an easy way to enroll my macOS device to MS defender 365 (Endpoint manager) but not Intune. I have done that part as shown below and I even have the the configuration profiles in place but it isnt picking it up in Defender 365…

Conditional Access Policy - Azure VDI\M365 - Require VDI Only

I am having a problem customizing a conditional access policy and I am either running into a bug or am doing something wrong. GOAL:  The CAP must permit a group of users to access a VDI environment (a Windows virtual desktop), while denying them the…

Can you display last logon information on a AADJ laptop?

Hi, From Intune > Devices > Device configuration profiles, I set up a configuration profile with Settings catalog > Administrative Templates > Windows Components > Windows Logon options > Display information about previous logons during…

Settings missing for enabling silent encryption

Hi, I'm trying to enable silent encryption on the intune portal, however the options that are shown in the article https://video2.skills-academy.com/en-us/mem/intune/protect/encrypt-devices are not there at all. They seem to be changed in wordings and i…

How to setup kiosk device on Windows machine? What are ways to do it with single and multiple apps on kiosk device?

How to setup kiosk device on Windows machine? What are ways to do it with single and multiple apps on kiosk device?

How to setup an OneDrive on Windows devices during the device enrollment process using autopilot profile?

How to setup an OneDrive on Windows devices during the device enrollment process using autopilot profile? Is there any way from autopilot profile or any other way we can use and do this for users?

[Microsoft 365 basic] Adding phone security error "We're sorry. We ran into a problem"

How to configure/setup "Enable 'Require additional authentication at startup'" on Windows devices via Intune?

How to configure/setup "Enable 'Require additional authentication at startup'" on Windows devices via Intune? See below screenshots.

How to track down the device which is setup/placed in remote site for workers to use from Azure AD or is there any other way we can track it?

How to track down the device which is setup/placed in remote site for workers to use from Azure AD or is there any other way we can track it?

Hello sorry can you give me the correct link on how will I manually assign device status using Intune. Thank you!

Hello sorry can you give me the correct link on how will I manually assign device status using Intune. Thank you!