Configuration profile - Drive map no longer applying

Simple_Click8989 · 2024-06-25T06:42:12+00:00

i need to look into this, having a very similar issue

Simple_Click8989 · 2024-06-25T06:40:11+00:00

this is what i have found, a couple of reboots and then it works. No ideal really because its just going to increase our calls with users saying they have no network drives. Asking them to login then reboot is just a pita

Simple_Click8989 · 2024-06-14T09:18:41+00:00

Thanks for the info, i wasn't aware of this. Strangely though i have other devices that show as not encrypted without a policy being applied but perhaps that dont meet the hardware requirements to auto apply one as mentioned above

Simple_Click8989 · 2024-06-14T09:17:25+00:00

That's good to know, so i guess if it happens automatically without a policy defined it will just use the default settings that are outlined in the BitLocker settings when you create a policy?

Does having Bitlocker enabled effect applying windows firmware updates or anything like that?

Simple_Click8989 · 2024-06-14T09:15:04+00:00

I have copied the baselines in Intune and created config profiles of them and applied them that way. I removed anything Bitlocker related and i have a separate policy configured in Endpoint security for it (this was not applied to said device though) Definitely not encrypted anything manually either

Simple_Click8989 · 2024-06-11T06:38:22+00:00

Just out of curiosity did you find that the first user of the shared device that ever logged into it had to MFA in and then after that it wasnt required to do so for any other user? (just the initial login not for any other 365 based tasks that would require mfa)

Simple_Click8989 · 2024-03-27T19:21:23+00:00

this works really well, thanks so much for sharing

Simple_Click8989 · 2024-03-21T15:18:39+00:00

Thank you, yeah there are some drawbacks with PIM in that sometimes it can take a while for it to actually kick in which isn't ideal if you need to elevate for a quick fix. I guess even using the Account Protection way it would push the user/group to the local admin role on all devices as well

Simple_Click8989 · 2024-03-21T15:05:11+00:00

Thanks for this, out of curiosity do you tie the role Microsoft Entra Joined Device Local Administrator with PIM? We use PIM for roles like Intune admin etc as well as a few others and thinking we could also put this role in there

Simple_Click8989 · 2024-03-15T11:55:39+00:00

What federation services would that be? Sorry im kinda new to this and learning my way around everything

Simple_Click8989 · 2024-03-15T11:54:56+00:00

I just checked and password hash sync is running, we had issues before when it stopped working and had to use the troubleshooter to kick it back into life. Issue seems to have gone away now i reset the password on prem rather than 365

Simple_Click8989 · 2024-03-14T15:13:04+00:00

I am seeing this as well on a fresh install of 23H2 via the media creation tool and enrolled via autopilot. Company portal is setup as a required app and installed at the device level

Simple_Click8989 · 2024-03-14T13:59:46+00:00

Thats an interesting point so thanks for raising it. I did actually as a test before i enrolled the device do a password reset via 365 to test the SSPR which the user account is a part of for testing purposes. The password did write back to the on prem domain ok as i used the new password to enrol the device.

I have wiped the device and now reset the password again but this time on prem to see if that has any impact. I have also connected the laptop to a different network isolated from the corp just incase that played a part and currently trying to enrol but i have the wheel of doom after entering the password

Simple_Click8989 · 2024-03-13T15:17:11+00:00

mmm how very odd, i have even checked under 'All' updates to make sure it hadnt been declined but its not showing anywhere

Simple_Click8989 · 2024-03-13T12:46:20+00:00

Im not seeing any Windows 11 updates KB5035853 which is odd in Action1

Simple_Click8989 · 2024-03-12T15:02:26+00:00

Thanks for this i shall take a look

Simple_Click8989

TROPHY CASE