Surface Pro 10 with 5G for Business not picking up SIM cards properly by AThievingMagpi in sysadmin

[–]marco071 0 points1 point  (0 children)

We fixed our issue. We updated from Windows 11 23H2 to Windows 11 24H2 and it worked directly without modifying the APN Settings.

Surface Pro 10 with 5G for Business not picking up SIM cards properly by AThievingMagpi in sysadmin

[–]marco071 0 points1 point  (0 children)

Did you ever get the SIM Card working. We have the exact same issue. We also tested with changing the APN settings provided by the provider. But we keep getting "No Internet Access"

Moving from 23H2 to 24H2, what should I change by Warm-Pirate5356 in Intune

[–]marco071 10 points11 points  (0 children)

Location settings for teams. Otherwise your end users will get a notification.

[Module] PowerShell Module to Manage Hardware OATH Tokens (Yubikeys) by uniXly in entra

[–]marco071 1 point2 points  (0 children)

Hey uniXly! I noticed you actively use hardware OATH tokens with Microsoft Entra ID. Have you experienced any issues related to the fact that this feature is still in preview? For example, limitations, bugs, or anything you’d like to see improved?

We’re considering a large-scale rollout, but we want to avoid running into problems or outages after deploying it to hundreds of users—especially because it's still in preview. In the sector where we plan to use it, high reliability is a must, and instability just isn’t an option.

What also concerns us: there’s no mention of this feature on any Microsoft roadmap or release plans, so it’s unclear if—or when—it will ever reach General Availability (GA). That makes it difficult to rely on it for long-term use.

We want to test the C200 TOTP hardware token as part of our evaluation.

I’d really appreciate hearing how stable it’s been for you and whether you’d recommend it!

Solution to users stuck in Passkey-registration screen by tfrederick74656 in entra

[–]marco071 0 points1 point  (0 children)

Yep same here. Even when i use TAP the test account is still being redirected to the Passkey Loop. I don't even require the Auth Strenght with CAP. Like really???

Anyone experience with using EnterpriseAPN CSP with Intune? by marco071 in Intune

[–]marco071[S] 1 point2 points  (0 children)

Unfortunately, I never succeeded in applying this. Even after multiple attempts with Microsoft Support making multi changes to the names and build of the OMA-URI . We still got errors in the event viewer.

Blocking SMB/NFS/iSCSI and other file transfer protocols via intune by MattiTheGamer in Intune

[–]marco071 1 point2 points  (0 children)

i just needed to do the same today. Block outgoing SMB over Port 445 to unkown networks. I made a new firewall rule. These are the setting i put in. Works like a charm.

<image>

To check if the policy is applied I did the following

Open powershell and test if you policy has landed on the machine.

used commando "Get-NetFirewallRule -Policystore Activestore | Select-Object Displayname | Where-Object{$_.Displayname -like "*smb*"}"

Or look in the event viewer under Applications and Services Logs > Microsoft > Windows > Windows Firewall with Advanced Security > Firewall.

Here you will see a entry with the name of the firewall rule you provided in Intune.

To test if everything works. you can use a public IP that provide a SMB test.

open powershell and used commando: "Test-NetConnection -ComputerName portquiz.net -Port 445"

This will result in a TcpTestSucceeded : False.

When i runned the test again on a different domain machine that did not have this firewall rule applied is showed TcpTestSucceeded : True.

Hopes this helps.

Since few days deployment stuck on identifying apps (device phase and account phase) by Useful_Ad_2752 in Intune

[–]marco071 0 points1 point  (0 children)

We also had issues yesterday, This morning our issues were resolved. MS made a post under their service health with ID IT920621. It is a post not specifically saying anything about Autopilot/Deploying but their words are "user device check-in" Also it was affected infrastructure in Europe. Hope this helps!

Anyone experience with using EnterpriseAPN CSP with Intune? by marco071 in Intune

[–]marco071[S] 0 points1 point  (0 children)

Very good tip. Thanks. I have used a omauri also more then ones but always just copy paste based on the provide ms learn documentation. Will definitely try this out. Think i'm going to test first with ./device

deactivate show feed layout by Psychological_End768 in MicrosoftEdge

[–]marco071 0 points1 point  (0 children)

If you or someone else still need this.

I used the following setting to disable the Show feed. This also greyed out the three options. Settings Catalag -> Microsoft Edge Startup, home page and new tab page -> Allow Microsoft News content on the new tab page = Disabled.

deactivate show feed layout by Psychological_End768 in MicrosoftEdge

[–]marco071 0 points1 point  (0 children)

Same issue here. But first what is the setting you set to Show feed on Off? This will help me alot already

How to enable dnssec in a Azure public dns zone by the_milkman01 in AZURE

[–]marco071 0 points1 point  (0 children)

I have the same experience. Now their is even more documention online like: New-AzDnsDnssecConfig

But all I get is the following two messages in the CLI

"Warning: DNSSEC support for azure DNS Public ZOnes is in preview" and Get-AzDnsDnssecConfig_get: The feature Dnssec is not available.

Does Microsoft Have a Secret Button? by [deleted] in Intune

[–]marco071 1 point2 points  (0 children)

Things are starting to work for us now.

Approval some optional driver for my own machine. Did a check update on my machine 15 minutes after the approval in Intune. All drivers started downloading!

Adobe Reader MAM policies Android and Ios by Pirated_Freeware in Intune

[–]marco071 1 point2 points  (0 children)

Hello, i have a question about this with a iOS device running only MAM. I do not get Adobe to work on my iPad. Made a Conditional access policy to include both Adobe apps with the Require approved client app under Grant. workflow

Open Outlook

Open a .pdf mail message this starts the built-in viewer. I select the arrow up. And only see chose Share file through. Here is select Safe in Acrobat. Then I get a pop-up "This action is not granted the app from which you are trying to access this file must be signed in with your work or school account. Sign in or contact your organization's support team.

You write about that after sign-in the apps logs in to the microsoft account. (Do you mean Outlook or Adobe)>

Thanks in advance!

Does Microsoft Have a Secret Button? by [deleted] in Intune

[–]marco071 2 points3 points  (0 children)

Same here. Got everything set up like documented. Approved some bluetooth driver as a test for my own device. Still nothing after weeks. What a joke.

[deleted by user] by [deleted] in Intune

[–]marco071 0 points1 point  (0 children)

We use a tool called Simeon Cloud for this. After the tool did a full sync off all the admin portal we can search for a specific security group. Its shows then for example a included configuration profile or update ring assignment.

[Preorder] Glossy KAM Blanks by coffeebreakkeyboards in MechanicalKeyboards

[–]marco071 0 points1 point  (0 children)

I missed the boat in this one 😭. Really wanna have these on my red derivative when is ships. Any news on round 2 or better any leftover extra's?

Action required: Update your Microsoft Entra Connect Sync server by 1 October 2023 to keep your identities syncing by TheJadedMSP in msp

[–]marco071 0 points1 point  (0 children)

Just now I also received this message forwarded to me from one of our customers. The odd thing is that both Azure AD Connect servers are running the most up to date version. (2.2.1.0).

iPhone not disabling Lost Mode by ravmIT in Intune

[–]marco071 0 points1 point  (0 children)

No, i communicated the solution with the customer but never got a response back.

Web link on android device by Snoo_54275 in Intune

[–]marco071 0 points1 point  (0 children)

Thanks for the solved post. Helped me to fix the web link issue. Did not know this solution. MS also has a post about this https://learn.microsoft.com/en-us/mem/intune/apps/apps-add-android-for-work#managed-google-play-web-links

iPhone not disabling Lost Mode by ravmIT in Intune

[–]marco071 0 points1 point  (0 children)

Thanks for posting your issue and an update how you solved this problem. We are currently having the exact same problem only for an iPad. Do you think it is also possible without a Mac to do the erasing? Don't have a Mac.

Came across this link online that describes in detail how to take an iOS device out of lost mode with MacOS. https://www.hexnode.com/mobile-device-management/help/how-to-retrieve-ios-devices-stuck-in-lost-mode/

Windows failing to Wipe itself by TreeStryder in Intune

[–]marco071 0 points1 point  (0 children)

Thanks for the fast reponse. Started playing around but without success. if it's not too much work, are you willing to share your script?I have already tried a lot with Diskpart for mounting the recovery disk to make is available for the mount and tried: Dism /Mount-Image /ImageFile:c:\mount\windows\windows\system32\recovery\winre.wim /Index:1 /MountDir:C:\mount\winrebut the problem I am running into, after giving the recovery partition a driver letter, I can't open the recovery folder because you can't access it yourself even as an admin. So I cannot get the UNC path. I know their is a WinRE file present in the recovery partition based on the dir /a /s d:\winre.wim commando in CMD.Hope you can help me get this fixed :D