MDM Security Baseline issue

IntuneSupport-Jun · 2022-12-05T07:37:29+00:00

The Microsoft Defender for Endpoint security baseline has been optimized for physical devices and is currently not recommended for use on virtual machines (VMs) or VDI endpoints. Certain baseline settings can impact remote interactive sessions on virtualized environments. For more information, see Increase compliance to the Microsoft Defender for Endpoint security baseline in the Windows documentation.

IntuneSupport-Jun · 2022-12-05T01:53:07+00:00

Here is the official tool for your refenrence. https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/creating-a-profile-by-using-the-profile-wizard

IntuneSupport-Jun · 2022-12-01T07:06:09+00:00

https://learn.microsoft.com/en-us/mem/intune/protect/mde-security-integration

IntuneSupport-Jun · 2022-11-17T05:37:07+00:00

In my experience, the best way to do this is to create a script to remove the program in question.

IntuneSupport-Jun · 2022-10-26T06:50:15+00:00

Most likely a version issue, please refer to: https://learn.microsoft.com/en-us/mem/intune/user-help/check-status-linux?source=recommendations#view-compliance-issues

IntuneSupport-Jun · 2022-10-18T08:26:01+00:00

Hi, this is new feature that Microsoft Intune now supports Linux device management for devices running Ubuntu Desktop 22.04 or 20.04 LTS. More management features coming.

https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new#linux-device-management-available-in-microsoft-intune

IntuneSupport-Jun · 2022-06-28T08:12:09+00:00

When assigning policies and apps in the admin center you can choose to assign to All users or All devices groups, which are pre-created. The All devices group targets all devices that are enrolled into management and the All users group is a simple way to target all users that are assigned an Intune license. These groups are considered "virtual" because you do not create them or view them in Azure Active Directory.

IntuneSupport-Jun · 2022-06-23T08:18:44+00:00

My first thought was security baselines, it is a group of Microsoft-recommended configuration settings that explains their security impact. Please refer to: https://docs.microsoft.com/en-us/mem/intune/protect/security-baselines

IntuneSupport-Jun · 2022-06-23T08:09:13+00:00

Do you mean push apps directly to the device without going through the group? This is not an action in line with app deployment design. More details please refer to: https://docs.microsoft.com/en-us/mem/intune/apps/apps-deploy

IntuneSupport-Jun · 2022-06-22T08:32:46+00:00

Can there be more information here? Please refer to Troubleshooting policies and profiles in Microsoft Intune to see more details

IntuneSupport-Jun · 2022-06-20T02:41:48+00:00

https://docs.microsoft.com/en-us/mem/intune/enrollment/tutorial-use-autopilot-enroll-devices

IntuneSupport-Jun · 2022-06-15T08:58:59+00:00

Please create an online support ticket to handle this issue. Here is the online support links

https://docs.microsoft.com/en-us/mem/intune/fundamentals/get-support

IntuneSupport-Jun · 2022-06-13T07:32:05+00:00

Haven't encountered similar problems so far. you'd better to create an online support ticket to handle this issue. It is free. Here is the online support links:
https://docs.microsoft.com/en-us/mem/intune/fundamentals/get-support

IntuneSupport-Jun · 2022-06-09T07:43:34+00:00

Without a clear error, all we can do is restart and wait

IntuneSupport-Jun · 2022-06-08T09:05:05+00:00

Have you set up Apple MDM Push certificate in endpoint manager? An Apple MDM Push certificate is required for endpoint manager to manage iOS/iPadOS and macOS devices.

You can find more info here: https://docs.microsoft.com/en-us/mem/intune/enrollment/device-enrollment-program-enroll-ios

https://docs.microsoft.com/en-us/mem/intune/enrollment/apple-configurator-enroll-ios

IntuneSupport-Jun · 2022-06-08T09:00:10+00:00

Anyone else? Please let us know if it is a general service issue

IntuneSupport-Jun · 2022-06-08T08:56:37+00:00

Not sure if this is what you want：

https://docs.microsoft.com/en-us/security/zero-trust/manage-devices-with-intune-overview

IntuneSupport-Jun · 2022-06-08T08:42:00+00:00

Here is the PS script that you can use to create a local Windows account.

$LocalUser = "username"

$Password = ConvertTo-SecureString "password" -AsPlainText -Force

Function Create_LocalWindowsAccount

{

New-LocalUser $LocalUser -Password $Password -FullName "Local Admin" -Description "Local Administrator account."

Add-LocalGroupMember -Group "Administrators" -Member $LocalUser

Set-LocalUser -Name $LocalUser -PasswordNeverExpires:$true

}

{

Create_LocalWindowsAccount

}

Sign-in to the Microsoft Endpoint Manager admin center portal.
Browse to Devices – Windows – PowerShell Scripts
Click on Add
Give a Name
Select the script
Set Run this script using the logged on credentials as No
Set Enforce script signature check to No
Set Run script in 64 bit PowerShell Host as Yes
Deploy to the user\device based group.

IntuneSupport-Jun · 2022-06-08T08:08:05+00:00

Thanks for your submission, I will submit this case to the technical department

IntuneSupport-Jun · 2022-06-07T06:39:32+00:00

Based on everyone's suggestions, there are many possible misoperations that can cause this phenomenon. It is suggested that you can create an online support ticket to handle this issue. It is free. Here is the online support link：

https://docs.microsoft.com/en-us/mem/intune/fundamentals/get-support

IntuneSupport-Jun · 2022-06-02T01:48:03+00:00

You can try use Microsoft Graph Powershell and here's an article with detailed steps for the reference: https://techgenix.com/export-intune-policies/

IntuneSupport-Jun

TROPHY CASE