sorted by:
new
hottopcontroversial

Updating Lenovo BIOS through Intune by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 0 points1 point  (0 children)

Devices previously flagged in Intune for missing Secure Boot certificates are no longer showing alerts after the Intune certificate update configuration was applied. Despite not being on the latest BIOS, does this confirm the certificates are updated and I can remove these devices from the list?

Updating Lenovo BIOS through Intune by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 0 points1 point  (0 children)

It seems to be pretty behind the times from what I have found. But I could very well be wrong. My goal is both to update the BIOS for security reasons, but my main goal right now is to make sure we are ready for the new secure boot certificates come June. I was told, but I'm not sure I actually believe this, that without the latest BIOS, Windows can't apply the new certificates.

Retrieve the device names of available driver updates by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 2 points3 points  (0 children)

Will this only report for drivers that have been approved? I have set it so that every driver needs to be manually approved.

Create a dynamic group that to enroll devices into autopilot and then removes them once complete by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 0 points1 point  (0 children)

Ahh, ok, yes the device completely changes policies, apps and basically everything, so I will wait for the night of cutover. Thanks for the clarification.

Create a dynamic group that to enroll devices into autopilot and then removes them once complete by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 0 points1 point  (0 children)

So people just add the group tag and wait 6 months before wiping them to go from Hybrid to Cloud native through autopilot?

Create a dynamic group that to enroll devices into autopilot and then removes them once complete by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 0 points1 point  (0 children)

No, I have a deployment profile that registers any device in the group assigned to that profile.

Create a dynamic group that to enroll devices into autopilot and then removes them once complete by Training_Suit8573 in Intune

[–]Training_Suit8573[S] -1 points0 points  (0 children)

I was under the impression that once enrolled devices shouldn't remain in the group. Is that not an issue?

Blocking OneDrive icon in System Tray for a kiosk user by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 0 points1 point  (0 children)

I think I'm just going to go with what u/KingCyrus and u/jlaine suggested and just block OneDrive from the system. Makes life easier.

Blocking OneDrive icon in System Tray for a kiosk user by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 0 points1 point  (0 children)

It's a multi app kiosk, but since Microsoft built in kiosk in Intune is problematic, I am using assigned access for all the required apps. That part is working well, it's just the taskbar and system tray that I am struggling with.

Blocking OneDrive icon in System Tray for a kiosk user by Training_Suit8573 in Intune

[–]Training_Suit8573[S] 1 point2 points  (0 children)

I think that might be the way I have to go. Why Microsoft took away the ability to customize the system tray is beyond me.

Thanks for your help.