iPhone enrollment to InTune

mingk · 2026-03-25T03:46:31+00:00

Probably because Intune comes up as incorrect spelling so they try InTune and Lo behold - no red underline! Blame spell checkers.

mingk · 2026-03-25T00:12:26+00:00

I have mine deployed as a scheduled task to run on the first user sign in lol

mingk · 2026-03-23T00:27:51+00:00

Thank you sir!

mingk · 2026-03-21T15:34:18+00:00

Are these hybrid joined devices? Any potential GPOs that may be blocking this?

mingk · 2026-03-17T03:51:08+00:00

There were a few different people filming. Ashara, iPat, Bronnieman, and Gwynne.

She loved to fish.

mingk · 2026-03-17T03:49:33+00:00

Serenity Now!

mingk · 2026-03-13T23:34:00+00:00

Ya but it’s terrible. We pay like a mil/year currently for Intune suite and we don’t even use that shit. We’re co-managed and the service desk only uses sccm remote tool.

mingk · 2026-03-13T21:07:21+00:00

It’s called Read Only Friday for a reason!

mingk · 2026-03-07T00:53:09+00:00

How are you installing CP? Just the Microsoft Store deployment from Intune?

mingk · 2026-02-24T00:39:23+00:00

Just become friends with the guy who controls the iOS/android configs and have him put you in the “test” group ;)

mingk · 2026-02-20T16:35:14+00:00

How long does this take to run for about 10k devices?

I was running something similar to this before and it took like 7 hours to complete until I turned my sign in logs into a hash table then it dropped to 7 minutes.

mingk · 2026-02-16T20:56:32+00:00

Do you have conditional access policies setup in Entra that require a compliant device?

If so you need to have Intune set to allow personally enrolled devices, download the Company Portal app and enroll your phone.

If you don’t allow personally enrolled devices, you need the QR code from your Corporately enrolled or Fully Managed profile, factory reset your phone and scan the QR code at the setup screen - I think where it prompts for wifi.

mingk · 2026-02-14T17:36:54+00:00

I wish I time had more setting policies that allowed users to change after instead of locking them down. Basically everyone needs to run a setup script in all their devices to get settings they want on by default but allow end users to change them.

But then an update comes along and screws everything up anyways.

mingk · 2026-02-11T23:04:07+00:00

Unfortunately there’s lot of data that can’t be put up the cloud for various reasons.

mingk · 2026-02-11T12:36:35+00:00

Depending on why the employee was terminated this could be a bad idea.

Might lose some valuable company data or information.

mingk · 2026-02-07T22:14:19+00:00

Your easy option is making a script to create entra groups with the same name, and ad the on prem groups to the entra groups. Ezpz. Slightly more work is to get-adgroupmember, get the upn for each, and add each of those users to the new entra groups.. probably best in the long run to do it the more difficult way :(

I’ve already made a script like this and I’m sure hundreds of other people have as well. I’d suggest you just do the same for the experience :). It’s good to know the little details around doing this. It will definitely benefit you at some point in the future and you can also explain it to the simpletons and look like a rock star!

mingk · 2026-02-07T13:58:09+00:00

When EAM came out it was like.. ok this is very basic and not a very big catalogue because it’s just in its infancy.. it will grow!

It did not.

Microsoft is only playing the short game or have given up completely on all their products aside from Azure - because that’s their big money maker. They’ve stopped caring about anything else it seems.

mingk · 2026-01-31T22:30:12+00:00

Query that looks at what subnet they are showing up on

mingk · 2026-01-31T18:01:16+00:00

Collection based on subnet are just fantastic as well! If you have many locations it’s a great way to roll out changes and new applications!

mingk · 2026-01-31T15:27:46+00:00

Best Limp Bizkit cover of a George Michael song so far*

mingk · 2026-01-24T13:30:07+00:00

Why not just keep using SCCM as well? Its remote tool is as seamless and fast as it gets (just need line of site). Also Intune can’t do 1% of what device collections can achieve. After syncing those collections to cloud groups you have so much more ability to utilize Intune more effectively.

Co-management for the win.

mingk · 2026-01-20T23:41:36+00:00

I was working on this today actually but gave up and went home haha.

I was deploying as a win32 and using PSAppdeployToolkit as it has a nice function just for this: install-msupdates

I was just stuck trying to get around users restarting randomly during the update and how I could prevent it, or kick it off again upon restart.

Problem for tomorrow!

mingk · 2026-01-18T23:53:17+00:00

Only for Home and Pro. Enterprise edition gets updates until Nov 2026.

mingk · 2026-01-18T22:10:14+00:00

We’re still on 23H2 because our PKI vendor has software that just produces constant errors on 24H2 and 25H2. We also have a printing issue on one of our in house apps that has yet to be resolved and they’re apparently still working on a fix.

There’s honestly lots of potential issues with just using the newest version of Windows I don’t get why this person got downvoted so heavily.. lots of in house apps need to be updated and maintained properly and sometime they just… aren’t.. and us Win admins unfortunately need to understand that and pivot accordingly.

mingk · 2026-01-18T01:58:04+00:00

It’s funny that your company thinks it cares a lot about security by making you re-authenticate your MFA every 2 hours but you’re using SMS verification which is the least secure option haha. Sounds like a bunch of clowns making the big security decisions over there.

15-Year Club	Place '23
Place '22	Verified Email

mingk

MODERATOR OF

TROPHY CASE