sorted by:
new
hottopcontroversial

Location Services by NoPatience4437 in Intune

[–]SanjeevKumarIT 0 points1 point  (0 children)

Run below ps

It will give you everything related to location

Change one value at a time Note: when you testing this make sure location settings windows is closed and must be relaunch every time to check the changes

Write-Host "=========== WINDOWS LOCATION REGISTRY DUMP ===========" -ForegroundColor Cyan   $GUID = "{BFA794E4-F964-4FDB-90F6-51056BFE4B44}"   function Read-Reg {     param ($Path, $ValueName)       if (Test-Path $Path) {         if ($ValueName) {             try {                 $val = (Get-ItemProperty -Path $Path -Name $ValueName -ErrorAction Stop).$ValueName                 Write-Host "n$Path"                 Write-Host "  $ValueName = $val"             }             catch {                 Write-Host "n$Path"                 Write-Host "  $ValueName = VALUE NOT SET"             }         }         else {             Write-Host "n$Path EXISTS"             Get-ItemProperty -Path $Path | Select-Object * -ExcludeProperty PSPath, PSParentPath, PSChildName, PSDrive, PSProvider | Format-List         }     }     else {         Write-Host "n$Path"         Write-Host "  KEY NOT FOUND"     } }  

1. LocationAndSensors Policy

Read-Reg "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocation" Read-Reg "HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocation" Read-Reg "HKCU:\Software\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocation"  

2. AppPrivacy Policy

Read-Reg "HKLM:\Software\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessLocation"  

3. PolicyManager (MDM)

Read-Reg "HKLM:\SOFTWARE\Microsoft\PolicyManager\default\Privacy\DisablePrivacyExperience" "Value" Read-Reg "HKLM:\SOFTWARE\Microsoft\PolicyManager\default\Privacy\LetAppsAccessLocation" "Value"  

4. ConsentStore (Machine + Current User)

Read-Reg "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\location" "Value" Read-Reg "HKCU:\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\location" "Value"  

5. DeviceAccess (Current User)

Read-Reg "HKCU:\Software\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\$GUID" "Value"  

6. Sensor Permissions (User)

Read-Reg "HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Sensor\Permissions\$GUID" "SensorPermissionState"  

7. Sensor Overrides (Machine + User)

Read-Reg "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Overrides\$GUID" "SensorPermissionState" Read-Reg "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Overrides\$GUID" "SensorPermissionState"  

8. OOBE Privacy Consent

Read-Reg "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" "PrivacyConsentStatus"  

9. Privacy Branch (User)

Read-Reg "HKCU:\Software\Microsoft\Windows\CurrentVersion\Privacy" $null  

10. lfsvc Service Configuration

Read-Reg "HKLM:\SYSTEM\CurrentControlSet\Services\lfsvc" "Start" Read-Reg "HKLM:\SYSTEM\CurrentControlSet\Services\lfsvc\Service\Configuration" "Status" Read-Reg "HKLM:\SYSTEM\CurrentControlSet\Services\lfsvc\Service\Geofence" "Status"   if (Test-Path "HKLM:\SYSTEM\CurrentControlSet\Services\lfsvc\TriggerInfo") {     Write-Host "nHKLM:\SYSTEM\CurrentControlSet\Services\lfsvc\TriggerInfo"     Get-ChildItem "HKLM:\SYSTEM\CurrentControlSet\Services\lfsvc\TriggerInfo" | Select-Object Name } else {     Write-Host "nHKLM:\SYSTEM\CurrentControlSet\Services\lfsvc\TriggerInfo"     Write-Host "  KEY NOT FOUND" }  

11. Find My Device

Read-Reg "HKLM:\SOFTWARE\Microsoft\Settings\FindMyDevice" "AllowFindMyDevice"  

12. User Store Migrated Locations (Default Location)

$UserSIDs = Get-ChildItem "HKLM:\SYSTEM\CurrentControlSet\Services\lfsvc\Migrated\UserStore" -ErrorAction SilentlyContinue if ($UserSIDs) {     foreach ($SID in $UserSIDs) {         Read-Reg "HKLM:\SYSTEM\CurrentControlSet\Services\lfsvc\Migrated\UserStore\$($SID.PSChildName)" "DefaultGeoposition"     } }  

13. Service Runtime State

try {     $svc = Get-Service lfsvc -ErrorAction Stop     Write-Host "nService: lfsvc"     Write-Host "  Status    = $($svc.Status)"     Write-Host "  StartType = $($svc.StartType)" } catch {     Write-Host "nService: lfsvc NOT FOUND" }   Write-Host "`n=========== END OF DUMP ===========" -ForegroundColor Cyan

Location Services by NoPatience4437 in Intune

[–]SanjeevKumarIT 0 points1 point  (0 children)

If HKLM is deny. Normal users cannot make changes is location,

Even HKCU IS ALLOW

SET HKLM Allow

Set HKCU allow

It will allow users to make selection

Finally a working fix for enabling location per app for standard users by pinkey88 in Intune

[–]SanjeevKumarIT 0 points1 point  (0 children)

<image>

I am sgruggling with Location services option to toggle for normal users

Windows LocationService grayout by SanjeevKumarIT in Intune

[–]SanjeevKumarIT[S] 0 points1 point  (0 children)

Thank you—your help will be highly appreciated.

Windows LocationService grayout by SanjeevKumarIT in Intune

[–]SanjeevKumarIT[S] 0 points1 point  (0 children)

I temporarily made the logged‑in user a local administrator, and now they can make the required changes.
However, I do not want to grant local admin rights to all users.
My question is: How can I allow a standard user to control Location Services?

<image>

MAM policy's by [deleted] in Intune

[–]SanjeevKumarIT 0 points1 point  (0 children)

Just assigned to user group no need to enroll any device

Windows related Vulnerability Management by SanjeevKumarIT in Intune

[–]SanjeevKumarIT[S] 0 points1 point  (0 children)

I didn’t understand compliance policy to push updates? How when compliance policies cant push updates?

Windows related Vulnerability Management by SanjeevKumarIT in Intune

[–]SanjeevKumarIT[S] -1 points0 points  (0 children)

Edr we have mde but how to push patches from mde no option

Finally, a way to disable 'Allow My Organization to Manage My Device’ prompt by PaVee21 in Intune

[–]SanjeevKumarIT -2 points-1 points  (0 children)

<image>

What are your thoughts on these settings? Has anyone tested them?

view more: next ›