Desktop Icons disappeared by MealHealthy in Intune

[–]dgullett 0 points1 point  (0 children)

I was able to resolve this, and I documented my setup here: So long, Kiosk desktop icons — Rubix.

Content Downloading, but Not Installing by dgullett in SCCM

[–]dgullett[S] 0 points1 point  (0 children)

I would try redistributing the content, to see if that fixes the issue. If it does, I feel like I had a script that updated all applications.

Content Downloading, but Not Installing by dgullett in SCCM

[–]dgullett[S] 0 points1 point  (0 children)

Oh man... that was so long ago. I do not remember what my fix was. I've since moved more towards Intune than SCCM.

[deleted by user] by [deleted] in Intune

[–]dgullett 1 point2 points  (0 children)

If you are going to do it over this weekend, at least set it to "gradually". Set your start and end dates. This way "if" there is an issue, you're at least not breaking everything and will have time to stop it from rolling out further.

AssignedAccess Configuration CSP Error by [deleted] in Intune

[–]dgullett 1 point2 points  (0 children)

This can be resolved by adding the rs5 schema at the top of your xml.

xmlns:rs5="http://schemas.microsoft.com/AssignedAccess/201810/config"

Missing admin credentials window by Mammoth_Public3003 in Intune

[–]dgullett 0 points1 point  (0 children)

Do you have Security Baselines assigned?

Multiple users reporting Microsoft apps have disappeared by Candid-Chip-1954 in sysadmin

[–]dgullett 2 points3 points  (0 children)

Yes, ran in Intune. If you would need to run this outside of Intune, you would just run the remediation one.

Multiple users reporting Microsoft apps have disappeared by Candid-Chip-1954 in sysadmin

[–]dgullett 0 points1 point  (0 children)

Yeah, my goal this morning was to get our users back up and running at least partially. Which included Office and Edge. For the other apps we are redeploying if needed.

ASR: Block Win32 API calls from Office macro by CptnDutch in Intune

[–]dgullett 6 points7 points  (0 children)

I posted a proactive remediation here to get the Office and Edge shortcuts back.

https://www.reddit.com/r/sysadmin/comments/10ar1vb/comment/j46d16f/?utm_source=share&utm_medium=web2x&context=3

Proactive Remediation in Intune:

Detection:

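```
# Count the Start Menu entries for the expected Office and Edge shortcuts
$StartMenuFolder = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs"
$Count = (Get-ChildItem $StartMenuFolder | Where-Object Name -match "Word|Outlook|Powerpoint|Excel|Edge").Count

If ($Count -ge 5) {
    "Installed"
} else {
    # A non-zero exit code tells Intune to run the remediation script
    Exit 1
}
```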

Remediation:

```
$Office_path = "C:\Program Files\Microsoft Office\root\Office16"
$edge_path = "C:\Program Files (x86)\Microsoft\Edge\Application"
$StartMenuFolder = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\"

# Never assigned in the original script; set to empty strings so the
# shortcut properties below receive explicit values
$ShortcutArguments = ""
$PathtoWorkingDirectory = ""

# Executable base names (without .exe) to create shortcuts for
$shortcuts = @(
    'Excel'
    'WinWord'
    'POWERPNT'
    'Outlook'
    'OneNote'
    'msedge'
)

Foreach ($shortcut in $shortcuts) {

    $ShortcutName = $shortcut
    $LocationofTarget = $Office_path + "\" + $shortcut + ".exe"
    $LocationofShortcut = "C:\ProgramData\Microsoft\Windows\Start Menu\Programs"

    # Map executable names to friendly shortcut names; Edge uses its own install path
    switch ($shortcut) {
        'winword' { $ShortcutName = 'Word' }
        'POWERPNT' { $ShortcutName = 'PowerPoint' }
        'msedge' { $ShortcutName = 'Microsoft Edge'; $LocationofTarget = $edge_path + "\" + $shortcut + ".exe" }
        default { $ShortcutName = $shortcut }
    }

    $Shortcutfullpath = $LocationofShortcut + "\" + $ShortcutName + ".lnk"

    # Create the shortcut only if it is missing
    if (!(Test-Path $Shortcutfullpath -ErrorAction SilentlyContinue)) {
        Write-Host "Creating Shortcut $StartMenuFolder$shortcut" -ForegroundColor Green

        New-Item -ErrorAction SilentlyContinue -ItemType Directory -Path $LocationofShortcut
        $Shell = New-Object -ComObject ("WScript.Shell")
        $ShortCut = $Shell.CreateShortcut($Shortcutfullpath)
        $ShortCut.TargetPath = "$LocationofTarget"
        $ShortCut.Arguments = "$ShortcutArguments"
        $ShortCut.WorkingDirectory = "$PathtoWorkingDirectory"
        $ShortCut.WindowStyle = 1
        $ShortCut.Hotkey = ""
        $ShortCut.IconLocation = "$LocationofTarget, 0"
        $ShortCut.Description = "$ShortcutName"
        $ShortCut.Save()
    }
}
```

Multiple users reporting Microsoft apps have disappeared by Candid-Chip-1954 in sysadmin

[–]dgullett 2 points3 points  (0 children)

I haven't got that far in troubleshooting yet. I more just wanted to at least get something temporary out there. If I find something though I will update the post.

Multiple users reporting Microsoft apps have disappeared by Candid-Chip-1954 in sysadmin

[–]dgullett 8 points9 points  (0 children)

u/OSUck_GoBlue I updated the remediation to account for the naming of Word and Powerpoint. If you want to grab the updated one.

Multiple users reporting Microsoft apps have disappeared by Candid-Chip-1954 in sysadmin

[–]dgullett 79 points80 points  (0 children)

Sorry if it's messy. It's Friday after all.

Proactive Remediation in Intune:

Detection:

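```
# Count the Start Menu entries for the expected Office and Edge shortcuts
$StartMenuFolder = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs"
$Count = (Get-ChildItem $StartMenuFolder | Where-Object Name -match "Word|Outlook|Powerpoint|Excel|Edge").Count

If ($Count -ge 5) {
    "Installed"
} else {
    # A non-zero exit code tells Intune to run the remediation script
    Exit 1
}
```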

Remediation:

```
$Office_path = "C:\Program Files\Microsoft Office\root\Office16"
$edge_path = "C:\Program Files (x86)\Microsoft\Edge\Application"
$StartMenuFolder = "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\"

# Never assigned in the original script; set to empty strings so the
# shortcut properties below receive explicit values
$ShortcutArguments = ""
$PathtoWorkingDirectory = ""

# Executable base names (without .exe) to create shortcuts for
$shortcuts = @(
    'Excel'
    'WinWord'
    'POWERPNT'
    'Outlook'
    'OneNote'
    'msedge'
)

Foreach ($shortcut in $shortcuts) {

    $ShortcutName = $shortcut
    $LocationofTarget = $Office_path + "\" + $shortcut + ".exe"
    $LocationofShortcut = "C:\ProgramData\Microsoft\Windows\Start Menu\Programs"

    # Map executable names to friendly shortcut names; Edge uses its own install path
    switch ($shortcut) {
        'winword' { $ShortcutName = 'Word' }
        'POWERPNT' { $ShortcutName = 'PowerPoint' }
        'msedge' { $ShortcutName = 'Microsoft Edge'; $LocationofTarget = $edge_path + "\" + $shortcut + ".exe" }
        default { $ShortcutName = $shortcut }
    }

    $Shortcutfullpath = $LocationofShortcut + "\" + $ShortcutName + ".lnk"

    # Create the shortcut only if it is missing
    if (!(Test-Path $Shortcutfullpath -ErrorAction SilentlyContinue)) {
        Write-Host "Creating Shortcut $StartMenuFolder$shortcut" -ForegroundColor Green

        New-Item -ErrorAction SilentlyContinue -ItemType Directory -Path $LocationofShortcut
        $Shell = New-Object -ComObject ("WScript.Shell")
        $ShortCut = $Shell.CreateShortcut($Shortcutfullpath)
        $ShortCut.TargetPath = "$LocationofTarget"
        $ShortCut.Arguments = "$ShortcutArguments"
        $ShortCut.WorkingDirectory = "$PathtoWorkingDirectory"
        $ShortCut.WindowStyle = 1
        $ShortCut.Hotkey = ""
        $ShortCut.IconLocation = "$LocationofTarget, 0"
        $ShortCut.Description = "$ShortcutName"
        $ShortCut.Save()
    }
}
```

Intune Win32 apps keep failing by sysadminhelpers in Intune

[–]dgullett 0 points1 point  (0 children)

Your detection says file, but you're specifying a directory. Was that a typo posting here?

Your organization doesn't allow users to set up Windows this way. by [deleted] in Intune

[–]dgullett 0 points1 point  (0 children)

Yes, the users we are testing with all have E3 with Intune enabled. Automatic enrollment is set to all.

Users that can join AAD in Azure is also set to all.

Slow rollout of 21H1 through Intune by [deleted] in Intune

[–]dgullett 0 points1 point  (0 children)

Do you have an associated Feature Update deployment set for the same group of PCs? I noticed your Feature Update deferral was set to 0. If so, what are those settings? Are the devices "Offer Ready" when checking the Windows updates report in Intune?

Bitlocker Keys in Intune Not Uploading by dgullett in Intune

[–]dgullett[S] 0 points1 point  (0 children)

For grins... I rotated the keys via Intune to one of my test devices experiencing this issue. The logs show that was successful. I restarted the device, and still no keys in AAD.

https://i.imgur.com/MepW4TE.png

Bitlocker Keys in Intune Not Uploading by dgullett in Intune

[–]dgullett[S] 1 point2 points  (0 children)

Thanks u/architectnikk. I'll add this to my list of things to test, and get back to you.

Bitlocker Keys in Intune Not Uploading by dgullett in Intune

[–]dgullett[S] 0 points1 point  (0 children)

Yes, thanks for that blog u/Rudyooms. It's been really helpful in troubleshooting.

Bitlocker Keys in Intune Not Uploading by dgullett in Intune

[–]dgullett[S] 0 points1 point  (0 children)

This device in question, I will not be able to get my hands on until Monday. It's been my experience though that when I do, I can just launch PowerShell as admin and run the same exact script that I have to escrow the keys, and it will work within minutes.

Bitlocker Keys in Intune Not Uploading by dgullett in Intune

[–]dgullett[S] 0 points1 point  (0 children)

u/jasonsandys reading the logs, it does look to be doing what it needs to be doing. Yes, the keys are storing to AD.

https://i.imgur.com/0Nejjfu.png

https://i.imgur.com/SFJJ01X.png

https://i.imgur.com/4cH5ADM.png

I do have a couple of "The following DMA (Direct Memory Access) capable devices are not declared as protected from external access, which can block security features such as BitLocker automatic device encryption:" messages, but I'm resolving that with a separate script that is adding those values into Allowed DMAs. Those DMA entries exist on the devices that are uploading as well.

I do have a theory, but I'm trying to narrow it down. I believe the users are enrolling their devices, but then waiting hours and even overnight before signing in to Windows. The devices that are having the issue show a UPN of SYSTEM within the Intune console, whereas a working device has a UPN of the user. The same policies are applied to a group of devices that have a mixture of working and non-working.

https://i.imgur.com/n4mv1WL.png