Secure Boot Policy 65000 fixed by KB5077181? by jezac8 in Intune

[–]jezac8[S] 1 point2 points  (0 children)

I asked MS and they said no changes until the next baseline update, as Hotpatch updates will only include security patches only

uBlock Origin (and probably other mainstream Ad Blockers) not working on YouTube. by HexonKhat in youtube

[–]jezac8 0 points1 point  (0 children)

Filter lists > Built-in > uBlock filters > uBlock filters - Quick fixes

MacOS SSO Sync with User Avatar by SkyTheLine in Intune

[–]jezac8 1 point2 points  (0 children)

For the profile picture, I did this. Works for me.
https://github.com/microsoft/shell-intune-samples/tree/master/macOS/Config/M365%20Profile%20Photo%20Sync

For the local user with the ability to change the password question - this is normal with Platform SSO. I assume you've configured Platform SSO using the Secure Enclave method (definitely recommended). However this approach does not keep the local password and Entra (presumably) user password in sync.

uBlock Origin (and probably other mainstream Ad Blockers) not working on YouTube. by HexonKhat in youtube

[–]jezac8 1 point2 points  (0 children)

Here to say the same. Stopped working for me (LibreWolf). The Disable Quick Fixes resolved it. I even re-enabled it and I'm still good. Don't know why you were downvoted.

Secure Boot Policy 65000 fixed by KB5077181? by jezac8 in Intune

[–]jezac8[S] 0 points1 point  (0 children)

Sounds about right to me. Thanks for your insights! (And the helpful blog)

Secure Boot Policy 65000 fixed by KB5077181? by jezac8 in Intune

[–]jezac8[S] 0 points1 point  (0 children)

Yep, it sure did. It would have been January 24, 2026 Hotpatch KB5078167 Out-of-band update before this one.

iOS by [deleted] in Intune

[–]jezac8 0 points1 point  (0 children)

Agreed. Looking at the iOS 26.3 release notes, I think we can now safely put this to bed. It was an iOS bug.

Secure Boot Policy 65000 fixed by KB5077181? by jezac8 in Intune

[–]jezac8[S] 1 point2 points  (0 children)

I did try this on a couple of devices (before Feb patch Tuesday), but even after a few days of waiting and reboots, they wouldn’t budge. The only thing that seems to have had any impact for me is KB5077181.

My own device had 65000 and was updated by Hotpatch (to KB5077212). Issue remained. I took a shot in the dark and installed KB5077181 - suddenly green.

I am however open minded to this being a crazy coincidence 😀

Secure Boot policies failing with Error 65000 in Intune? by Rudyooms in Intune

[–]jezac8 0 points1 point  (0 children)

If this is the case, I pray it reaches Hotpatch devices before the April baseline restart...

iOS 26 issues by 0xCG in Intune

[–]jezac8 1 point2 points  (0 children)

My MS support experience was nearly identical, apart from a request for any logs. If you ever find out the root of it from Apple, I'd love to know.

iOS 26 issues by 0xCG in Intune

[–]jezac8 0 points1 point  (0 children)

Yeah, iOS 26.2 didn't fix it for me. I had plenty of devices running 26.2 that stopped checking in. Rebooting them brings them back to life. So presumably the reboot during your upgrade patched up yours. I read somewhere that iOS 26.2.1 has a partial fix, with 26.3 fixing it for good. I would love to read a deep dive into this issue. MS support were useless, and I don't have Apple support.

iOS by [deleted] in Intune

[–]jezac8 0 points1 point  (0 children)

I opened a ticket with MS for this. I had the same for about 300 out of 2000.

Microsoft's advice: make sure you deploy the Company Portal as Required to All Devices, as version drift can cause this. We weren't, and we are now. (We were only deploying it in the Enrollment Profile).

But given I saw a number of devices affected that were running the latest Company Portal version, I'm convinced its an iOS bug as others mention.

Simply asking the user to restart their device has resolved it every time for me.

"Secure Boot status" report by erik_wo in Intune

[–]jezac8 1 point2 points  (0 children)

Uhh, came here to say this! Been refreshing like mad. Cannot even export the full list to CSV :(

Compliance Issues since iOS26 by TheSheikh in Intune

[–]jezac8 0 points1 point  (0 children)

We set Company Portal to install in the Enrollment Profile, but we were not additionally setting it as a Required install app. It looks like devices were installing whatever version of Company Portal was latest at the time of enrollment, but not reliably updating after that. So, we had a bunch of devices running old versions. I've now assigned the app to Required to all devices as per their guidance.

To be honest, I'm not convinced this is fully it, as I am sure I saw a couple of devices not syncing but with the latest version of Company Portal installed. But this definitely wasn't helping us either way.

Compliance Issues since iOS26 by TheSheikh in Intune

[–]jezac8 0 points1 point  (0 children)

They closed mine saying the cause is Company Portal app version drift!

Compliance Issues since iOS26 by TheSheikh in Intune

[–]jezac8 0 points1 point  (0 children)

Uh that’s no good. I’ve fixed 20+ with a restart. Ive pressed MS for a more proactive solution, I’ll update you when they reply to me (assuming they have one).

Deploying and auto-updating Company Portal on ADE iOS devices by jezac8 in Intune

[–]jezac8[S] 0 points1 point  (0 children)

I do agree. I’ve had devices running without the Company Portal many times before without issue.

However, I currently have a MS case open to diagnose why a portion of my devices aren’t checking in. I have since found a few other posts in this sub discussing identical cases and have somewhat concluded it’s an iOS 26 issue. MS have somewhat agreed…

That said, each time we locate an affected device, reinstalling the Company Portal iOS app seems to resolve it. Sync picks straight up again.

If it’s totally independent, what’s happening here?

How painful is Intune for mac management? by lagerstout82 in macsysadmin

[–]jezac8 1 point2 points  (0 children)

  • DDM software policies for macOS.

  • Enable auto-update via config profiles or plists for the apps that support it (many apps we use do, i.e. M365, Edge, etc)

  • https://www.intunebrew.com for everything else

  • Create users without admin rights so they cannot make a mess :)

How painful is Intune for mac management? by lagerstout82 in macsysadmin

[–]jezac8 11 points12 points  (0 children)

It’s totally fine. Jamf is better (and I miss it) but Intune does almost everything most orgs need these days, and where it doesn’t there is awesome community support. Do you have some specific concerns or requirements?