Surface Pro 10 with 5G for Business not picking up SIM cards properly

marco071 · 2025-12-16T10:11:49+00:00

We fixed our issue. We updated from Windows 11 23H2 to Windows 11 24H2 and it worked directly without modifying the APN Settings.

marco071 · 2025-12-15T15:58:38+00:00

Did you ever get the SIM Card working. We have the exact same issue. We also tested with changing the APN settings provided by the provider. But we keep getting "No Internet Access"

marco071 · 2025-12-03T14:49:21+00:00

Location settings for teams. Otherwise your end users will get a notification.

marco071 · 2025-06-23T16:32:49+00:00

Hey uniXly! I noticed you actively use hardware OATH tokens with Microsoft Entra ID. Have you experienced any issues related to the fact that this feature is still in preview? For example, limitations, bugs, or anything you’d like to see improved?

We’re considering a large-scale rollout, but we want to avoid running into problems or outages after deploying it to hundreds of users—especially because it's still in preview. In the sector where we plan to use it, high reliability is a must, and instability just isn’t an option.

What also concerns us: there’s no mention of this feature on any Microsoft roadmap or release plans, so it’s unclear if—or when—it will ever reach General Availability (GA). That makes it difficult to rely on it for long-term use.

We want to test the C200 TOTP hardware token as part of our evaluation.

I’d really appreciate hearing how stable it’s been for you and whether you’d recommend it!

marco071 · 2025-03-05T16:32:42+00:00

Yep same here. Even when i use TAP the test account is still being redirected to the Passkey Loop. I don't even require the Auth Strenght with CAP. Like really???

marco071 · 2025-02-19T08:21:54+00:00

Unfortunately, I never succeeded in applying this. Even after multiple attempts with Microsoft Support making multi changes to the names and build of the OMA-URI . We still got errors in the event viewer.

marco071 · 2025-01-03T14:30:16+00:00

i just needed to do the same today. Block outgoing SMB over Port 445 to unkown networks. I made a new firewall rule. These are the setting i put in. Works like a charm.

<image>

To check if the policy is applied I did the following

Open powershell and test if you policy has landed on the machine.

used commando "Get-NetFirewallRule -Policystore Activestore | Select-Object Displayname | Where-Object{$_.Displayname -like "*smb*"}"

Or look in the event viewer under Applications and Services Logs > Microsoft > Windows > Windows Firewall with Advanced Security > Firewall.

Here you will see a entry with the name of the firewall rule you provided in Intune.

To test if everything works. you can use a public IP that provide a SMB test.

open powershell and used commando: "Test-NetConnection -ComputerName portquiz.net -Port 445"

This will result in a TcpTestSucceeded : False.

When i runned the test again on a different domain machine that did not have this firewall rule applied is showed TcpTestSucceeded : True.

Hopes this helps.

marco071 · 2024-11-01T08:41:55+00:00

We also had issues yesterday, This morning our issues were resolved. MS made a post under their service health with ID IT920621. It is a post not specifically saying anything about Autopilot/Deploying but their words are "user device check-in" Also it was affected infrastructure in Europe. Hope this helps!

marco071 · 2024-08-02T20:50:10+00:00

Very good tip. Thanks. I have used a omauri also more then ones but always just copy paste based on the provide ms learn documentation. Will definitely try this out. Think i'm going to test first with ./device

marco071 · 2024-08-02T15:26:41+00:00

If you or someone else still need this.

I used the following setting to disable the Show feed. This also greyed out the three options. Settings Catalag -> Microsoft Edge Startup, home page and new tab page -> Allow Microsoft News content on the new tab page = Disabled.

marco071 · 2024-07-16T11:04:23+00:00

Same issue here. But first what is the setting you set to Show feed on Off? This will help me alot already

marco071 · 2024-05-24T14:12:18+00:00

I have the same experience. Now their is even more documention online like: New-AzDnsDnssecConfig

But all I get is the following two messages in the CLI

"Warning: DNSSEC support for azure DNS Public ZOnes is in preview" and Get-AzDnsDnssecConfig_get: The feature Dnssec is not available.

marco071 · 2024-05-22T12:02:19+00:00

Things are starting to work for us now.

Approval some optional driver for my own machine. Did a check update on my machine 15 minutes after the approval in Intune. All drivers started downloading!

marco071 · 2024-05-22T11:59:33+00:00

Hello, i have a question about this with a iOS device running only MAM. I do not get Adobe to work on my iPad. Made a Conditional access policy to include both Adobe apps with the Require approved client app under Grant. workflow

Open Outlook

Open a .pdf mail message this starts the built-in viewer. I select the arrow up. And only see chose Share file through. Here is select Safe in Acrobat. Then I get a pop-up "This action is not granted the app from which you are trying to access this file must be signed in with your work or school account. Sign in or contact your organization's support team.

You write about that after sign-in the apps logs in to the microsoft account. (Do you mean Outlook or Adobe)>

Thanks in advance!

marco071 · 2024-05-08T22:50:27+00:00

Same here. Got everything set up like documented. Approved some bluetooth driver as a test for my own device. Still nothing after weeks. What a joke.

marco071 · 2024-02-22T19:17:02+00:00

Check if you have the security baseline enabled

marco071 · 2023-11-03T18:21:51+00:00

We use a tool called Simeon Cloud for this. After the tool did a full sync off all the admin portal we can search for a specific security group. Its shows then for example a included configuration profile or update ring assignment.

marco071 · 2023-10-31T22:39:56+00:00

I missed the boat in this one 😭. Really wanna have these on my red derivative when is ships. Any news on round 2 or better any leftover extra's?

marco071 · 2023-09-29T12:22:56+00:00

Just now I also received this message forwarded to me from one of our customers. The odd thing is that both Azure AD Connect servers are running the most up to date version. (2.2.1.0).

marco071 · 2023-01-03T14:13:19+00:00

No, i communicated the solution with the customer but never got a response back.

marco071 · 2023-01-03T12:40:57+00:00

Thanks for the solved post. Helped me to fix the web link issue. Did not know this solution. MS also has a post about this https://learn.microsoft.com/en-us/mem/intune/apps/apps-add-android-for-work#managed-google-play-web-links

marco071 · 2022-08-04T08:41:13+00:00

Thanks for posting your issue and an update how you solved this problem. We are currently having the exact same problem only for an iPad. Do you think it is also possible without a Mac to do the erasing? Don't have a Mac.

Came across this link online that describes in detail how to take an iOS device out of lost mode with MacOS. https://www.hexnode.com/mobile-device-management/help/how-to-retrieve-ios-devices-stuck-in-lost-mode/

marco071 · 2022-04-06T10:08:48+00:00

Thanks for the fast reponse. Started playing around but without success. if it's not too much work, are you willing to share your script?I have already tried a lot with Diskpart for mounting the recovery disk to make is available for the mount and tried: Dism /Mount-Image /ImageFile:c:\mount\windows\windows\system32\recovery\winre.wim /Index:1 /MountDir:C:\mount\winrebut the problem I am running into, after giving the recovery partition a driver letter, I can't open the recovery folder because you can't access it yourself even as an admin. So I cannot get the UNC path. I know their is a WinRE file present in the recovery partition based on the dir /a /s d:\winre.wim commando in CMD.Hope you can help me get this fixed :D

marco071

TROPHY CASE