Only allow Entra ID devices to make inbound and outbound requests
I have an app service that I want to close down to ALL public access. They can neither read nor write. If you're a part of the company's Entra compliant devices I want to allow them to make inbound and outbound requests. But at the same time I need to…
How to setup Desktop/laptop background wallpaper and Screen Saver via Intune from locally stored on device or SharePoint or OneDrive?
How to setup Desktop/laptop background wallpaper and Screen Saver via Intune from locally stored on device or SharePoint or OneDrive? As I don't see such an option in Intune so far, which is really not a good way to put company details on public sites like…
Intune - Comprehensive Properties of Security Groups
Good morning, For security groups created in the tenant, various custom or default policies can be added from the Intune, Entra ID, and Defender portals. In my case, I have configured several security groups, each with different associated policies and…
Defender Self loop back VPN + Company VPN
Hello everyone, I'm currently working on iPhone enrollment with the Company Portal and Defender iOS app. I appreciate Defender's local VPN option as it adds web protection, but I noticed when I activate my company VPN (needed for some apps), the…
FortiGate with EntraID
Hello! Would it be possible to implement the scenario below? Example: When a user logs into the machine, appears in the FortiGate Firewall and then adds an SSO with DL groups? But this whole scenario with Entra ID. We know it is possible with Active…
Intune - Always On VPN Custom Policy Profile deployment
We can't use the built-in Intune based profile deployment, since we are using forced tunneling, and have to use exclusion routes. Therefore we must use the custom ProfileXML based method. Does anyone have experience with this method, and what is the best…
How would I go about setting up CA for our environment, so that MFA isn't required?
So I have been made aware that MS is forcing MFA on their tenants. Now I am still inexperienced when it comes to MS Cloud, Azure and Entra. Now we have a few different tenants and an on-prem environment. Now while we are getting our users on it we will…
Role of BitLocker Drive Encryption in Device Migration.
Hi Team, I have a device that is hybrid-joined and co-managed. The system drives are encrypted using BitLocker and the recovery key is stored in Entra. The device is being migrated from one domain to another using a third-party tool called ForensIT User…
Can't create Quick Access configuration - Global Secure Access
When creating Quick Access configuration in Quick Access | Create Quick Access configuration I get: Network access settings Application operation failed. No further information is provided in the error. I do have a connector set up correctly and on in…
Security Baseline for Azure and Office 365
Hi colleagues. Is there any security baseline in Azure and Office 365 we could use from Microsoft as a starting point to secure a Tenant in an initial and advanced way? Thanks. Regards
Security requirements to be considered for Microsoft Data Migration
What specific security requirements should be considered in case of Microsoft O365 and Azure Data Migration between tenants. Is there any specific checklist from Microsoft which can be considered as an initial starting point? Thanks. Regards.
How to upgrade Windows 10 Pro and Enterprise OS to Windows 11 Pro or enterprise via Intune policy? What are the steps and things we need to prepare before doing that?
Are incorrectly enrolled devices able to be queried in Advanced Hunting?
Hi, I am using Advanced Hunting to perform some auditing. I expected some devices to return results, but they are not; and the number of results when I search for all devices is way lower than expected for my queries. After checking the different IDs, I…
Block mobile phones when connected to a device as Removable Storage
Hi all, I'm trying to block all USB removable media connected to my company's laptops to avoid security breaches. I'm able to block USB pendrives and external hard drives, but if I connect a mobile phone (Android) to a laptop and set the connection to…
Allow Scanning Network Files
Hello, Could you please explain how the “Allow Scanning Network Files” policy functions within the Intune portal, specifically under Endpoint Security > Antivirus? Does enabling this policy mean that Defender will scan network-mapped drives? Thank you…
Automatically onboard devices from intune to defender
Hello, From the Intune portal under “Endpoint Security,” I have set the Microsoft Defender for Endpoint client configuration to “Auto” from the connector. If I am not mistaken, this is supposed to automatically onboard or offboard devices from Intune to…
Defender for Endpoint - Device Isolation via API
Hello All, I am trying to craft a script to isolate device via PowerShell. I have created Enterprise app, I have assigned to that app permission (as delegated - I do not want to use it as application) Machine.Isolate and granted consent. Script…
How to disable Copilot in Microsoft Edge via Intune policy or any other way?
How to disable Copilot in Microsoft Edge via Intune policy or any other way? See below snap which we see in Microsoft Edge browser
Windows Defender keeps losing ASRs deployed by Intune
Hi all, for the whole last week, I have a very strange and recurring problem. Environment: Location EU0501, most devices HAADJ, some devices autopiloted entra only, Windows 10 and 11 on 22H2 or 23H2, Patchlevel 2024-02 or 2024-03 - so up to date. hybrid…
How can I deploy App Installer via Intune as app or package on Windows 11 devices so MS Teams would be installed on each device as currently Teams is not being deployed on them because App Installer is not being auto updated or installed and MS Teams nee
How can I deploy App Installer via Intune as app or package on Windows 11 devices so MS Teams would be installed on each device as currently Teams is not being deployed on them because App Installer is not being auto updated or installed and MS Teams…