How would I go about setting up CA for our environment, so that MFA isn't required?
So I have been made aware that MS is forcing MFA on their tenants. Now I am still inexperienced when it comes to MS Cloud, Azure and Entra. Now we have a few different tenants and an on-prem environment. Now while we are getting our users on it we will…
Can't create Quick Access configuration - Global Secure Access
When creating Quick Access configuration in Quick Access | Create Quick Access configuration I get: Network access settings Application operation failed. No further information is provided in the error. I do have a connector set up correctly and on in…
Security Baseline for Azure and Office 365
Hi colleagues. Is there any security baseline in Azure and Office 365 we could use from Microsoft as a starting point to secure a Tenant in an initial and advanced way? Thanks. Regards
Security requirements to be considered for Microsoft Data Migration
What specific security requirements should be considered in case of Microsoft O365 and Azure Data Migration between tenants. Is there any specific checklist from Microsoft which can be considered as an initial starting point? Thanks. Regards.
How to upgrade Windows 10 Pro and Enterprise OS to Windows 11 Pro or enterprise via Intune policy? What are the steps and things we need to prepare before doing that?
Are incorrectly enrolled devices able to be queried in Advanced Hunting?
Hi, I am using Advanced Hunting to perform some auditing. I expected some devices to return results, but they are not; and the number of results when I search for all devices is way lower than expected for my queries. After checking the different IDs, I…
Block mobile phones when connected to a device as Removable Storage
Hi all, I'm trying to block all USB removable media connected to my company's laptops to avoid security breaches. I'm able to block USB pendrives and external hard drives, but if I connect a mobile phone (Android) to a laptop and set the connection to…
Allow Scanning Network Files
Hello, Could you please explain how the “Allow Scanning Network Files” policy functions within the Intune portal, specifically under Endpoint Security > Antivirus? Does enabling this policy mean that Defender will scan network-mapped drives? Thank you…
Automatically onboard devices from Intune to Defender
Hello, From the Intune portal under “Endpoint Security,” I have set the Microsoft Defender for Endpoint client configuration to “Auto” from the connector. If I am not mistaken, this is supposed to automatically onboard or offboard devices from Intune to…
Defender for Endpoint - Device Isolation via API
Hello All, I am trying to craft a script to isolate a device via PowerShell. I have created an Enterprise app, I have assigned to that app permission (as delegated - I do not want to use it as application) Machine.Isolate and granted consent. Script…
Windows Defender keeps losing ASRs deployed by Intune
Hi all, for the whole last week, I have a very strange and recurring problem. Environment: Location EU0501, most devices HAADJ, some devices autopiloted entra only, Windows 10 and 11 on 22H2 or 23H2, Patchlevel 2024-02 or 2024-03 - so up to date. hybrid…
How can I deploy App Installer via Intune as app or package on Windows 11 devices so MS Teams would be installed on each device as currently Teams is not being deployed on them because App Installer is not being auto updated or installed and MS Teams nee
How can I deploy App Installer via Intune as app or package on Windows 11 devices so MS Teams would be installed on each device as currently Teams is not being deployed on them because App Installer is not being auto updated or installed and MS Teams…
Enable Bitlocker with Intune on already encrypted devices
Hello, many devices already use Bitlocker. However, they are manually encrypted and the recovery keys are lost. I would like to enable Bitlocker in my organization via Intune policy. But I don’t understand what the behavior of devices will be if the…
BitLocker not working automatically
I have been using the same silent BitLocker encryption settings on most tenants I set up with no issues. I have an Entra Hybrid Joined tenant that was using AirWatch as their MDM which controlled BitLocker. Once the device was removed from BitLocker,…
Shared settings: Number of days until partner is unresponsive
Hello, I hope this message finds you well. I am seeking clarification on the “Shared settings: Number of days until partner is unresponsive” option found under Endpoint Security > Microsoft Defender for Endpoint. Specifically, I would like to…
Need to restore a device record recently deleted from intune
Greetings Internet Hive Mind. I have quite a conundrum on my hands. I recently had a user leave my company who took it upon himself to wipe his hard drive on the way out. Attempts to recover the data have all failed. Following the IT protocol I…
CAA800000 / An unknown Internet error has occurred (How can I fix this error to enroll the Surface Pro 8 in Intune via Company Portal?)
Hello, I tried to connect our Device (Surface Pro 8) to Intune via the Company Portal and this is the error that occurred. Do you guys have any suggestions of how to fix this? Thank you very much in advance and feel free to ask questions for more…
How to restrict the Azure portal, M365 admin portal and PowerShell access?
Hi All, Using the Azure/Entra AD Premium P2 and Intune Hybrid Azure AD joined computer, how can I restrict access to the Azure Portal and M365 admin portal? The goal here is to restrict only the Hybrid Azure AD computer to allow access to the Azure…
Block data from uploading to anywhere but OneDrive corporate
Hello everyone, I have a scenario where I'm utilizing a Windows Azure virtual machine and would like to facilitate file sharing among my team via OneDrive. The workflow involves team members downloading files from OneDrive onto the server, importing them…
Defender for Endpoint Policies
Hello, if a workstation or server is onboarded to Defender for Endpoint and no security policies have been pushed to the endpoint, what are the default settings or configuration that Defender uses? Does it stay dormant until policies are pushed? Thanks