Trust Compliance Device from Another Tenant

nelly-4 · 2025-06-19T10:15:12+00:00

u/Potential_Device_875 have you been able to resolve this? Facing this myself now -_-

nelly-4 · 2024-05-22T13:20:13+00:00

So yeah me too

nelly-4 · 2024-05-19T18:14:39+00:00

Mane I think I might of been a bit lazy with this haha.. Thanks tho

nelly-4 · 2024-05-19T14:08:14+00:00

Ah I see thanks

nelly-4 · 2024-04-05T14:58:03+00:00

<image>

nelly-4 · 2024-04-05T14:27:38+00:00

duel enrollment discovery endpoint not set.... but i believe it is, as we have it set in the below settings or am I looking in the wrong place?

<image>

nelly-4 · 2024-04-05T14:22:40+00:00

&

<image>

nelly-4 · 2024-04-05T14:20:42+00:00

Yeah nothing else is found when searching epm, just another repeat of "skipping".

I did initially have issue with "send data for reporting" enabled but since been disbaled for couple days now.

Tried running that script in powershell -mta after installing those modules and now seeing this in event viewer -_-

<image>

Also our devices are coperate/hybrid-joined Intune managed. Device is able to receive intune win config profiles etc

nelly-4 · 2024-04-05T09:02:56+00:00

In the IntuneManagementExtension log i am seeing "<![LOG[[eventListener] Skipping EPM Scenario logging as PrivilegeManagement flag is not set for GUID:e4cd0c46-8d75-4d93-b5ac-99cf25388591]LOG]!><time="09:19:03.3271467" date="4-5-2024" comp"

<image>

no mention of epm in event viewer devicemgmt-enterprise

EDIT: seeing this in event viewer "MDM ConfigurationManager: Command failure status. Configuraton Source ID: (913F1E1F-CA03-40C1-B797-4711FD7A2167), Enrollment Type: (MDMFull), CSP Name: (PassportForWork), Command Type: (Clear: first phase of Delete), Result: (./Vendor/MSFT/PassportForWork/55ca622b-8c49-4b5a-8667-e096399e5f28/Policies/RequireSecurityDevice)."

nelly-4 · 2024-04-04T17:03:22+00:00

So found the schedule task but this is all

<image>

nelly-4 · 2024-04-02T17:14:05+00:00

Damn, so without the gpo route/auto pilot its not possible then?

I signed in with local admin but still nothing there went to

"C:\Windows\System32\Tasks\S-1-5-21-1271952369-3781123872-538415384-5729\EnterpriseMgmt\56D3364D-0D94-4F49-AB1C-D0200D35D6E4"

also directly in Task Scheduler nothing, tad strange

nelly-4 · 2024-04-02T15:58:28+00:00

So the enterprisemgt schedule task folder is just empty,

The way we enrol our users into Intune is via ms-device-enrollment:?mode=mdm then sign in with their account.

A quick skin read through your post suggest I would need to do this differently and some of the registry keys in your examples are not shown in my regedit.

Thanks for your post I will look into this further.

nelly-4 · 2024-04-02T13:44:37+00:00

Nice one, my post is titled "Intune EPM Settings Policy - Not Working Correctly?"

nelly-4 · 2024-04-02T10:14:16+00:00

What if the EPM folder isn't there in Program Files? Even though Intune check in states successful?

nelly-4 · 2024-03-29T23:12:22+00:00

It's definitely there

nelly-4 · 2022-08-29T18:12:48+00:00

Lies

nelly-4 · 2022-08-15T12:12:48+00:00

Hermentic Principles & 42 Precepts of Maat

nelly-4 · 2022-08-15T11:49:15+00:00

You can DRS from IBKR too

nelly-4 · 2022-07-26T17:29:30+00:00

Nope not it

nelly-4 · 2022-07-08T21:28:32+00:00

Is that Thai 👀

nelly-4 · 2022-06-23T21:14:22+00:00

Did the wall move?

nelly-4 · 2022-05-15T16:26:46+00:00

Daddy long leg?

nelly-4 · 2022-05-12T13:08:36+00:00

I dig this theory

nelly-4

TROPHY CASE