Implementing EPAC (ISO 270001) using Terraform
Hello Everyone , My company is using CAF to manage policies on Azure infrastructure. Now they want to switch to EPAC for better policy management. This is our first time for implementing EPAC. Have below queries for which need suggestion. How to decide…
Encryption of data storage on device error 2016345612
Hello, We are using the Windows Security Compliance policy and we are noticing quite a few devices are erroring on the "Encryption of data storage on device" section with the following State details: 2016345612(Syncml(500): the recipient…
How to Restrict Access to a Web Application Based on Device Compliance Using Intune and Azure AD?
I am currently using Microsoft Intune to manage access to a third-party web application that I have registered as a web link app type. I’ve successfully added the application in Intune, and it appears in the Company Portal. However, I am facing an issue…
Conditional access for mobiles: Android and iOS
Hi everyone, I am asking for support, When I try to add a business account in a native application such as gmail on an unregistered cell phone, after specifying only the business email address and domain password = access is not possible (correct…
Restricting Access to a Web Application Based on Device Compliance with Intune and Azure AD
I am currently using Microsoft Intune to manage access to a third-party web application that has been registered as a web link app type. I have successfully added the application in Intune, and it appears in the Company Portal. However, users can share…
How create a alert when login or access the mailbox of a user?
Director tells me that someone has login in your email account. It's possibly created an alert to specify the user mailbox and alerts via send a email to admin groups.
2016345612(Syncml(500) - Intune Compliance Policy Error
We have had this recurring issue for a long time now, and despite searching the error all over the place, there seem to be a lot of other IT professionals in the same boat, but no obvious answers. The error is on the Anti-Virus setting on the default…
Intune role permission to view 'Default Device Compliance Policy'
Hi, Please can someone advise which Intune role permission is required to allow visibility of the 'Default Device Compliance Policy' under the Device compliance page? I have a RBAC role (assigned to a scope tag), with Read and View reports allowed for…
What API or PowerShell cmdlet can be used to collect Microsoft compliance manager score data?
To collect Compliance Manager score data, you can utilize the Microsoft Graph API or PowerShell with appropriate cmdlets.
Endpoint DLP still shows disabled even after onboarding the device in MDE
I've seen somewhere that onboarding the device in MDE won't be requiring to onboard the device to Purview portal for DLP to work but below image shows that my Endpoint DLP Status is disabled. Take note that these machines are non-domain joined. In the…
Microsoft Purview
Hello, I'm trying to determine if Microsoft Purview will work as a back-office system to store business manuals, standard operating procedures, and documents. Could someone please provide advice on whether this is a great platform to use for creating…
Action 'Get-LabelPolicy' and 'Get-AutoSensitivityLabelPolicy' by User '<SNIP-PII>'
We have been receiving detections related to User Access Sensitivity Label Policy with actions stating these commands have been executed 'Get-LabelPolicy' and 'Get-AutoSensitivityLabelPolicy'. The user.id associated with it is named '<SNIP-PII>' …
Intune Devices failing Default Windows Compliance Policy, Encryption of data storage on device error
I have a large number of devices with this error. I have not been able to figure out how to resolve it in order to bring these devices into compliance.
Feature request device compliance reports
I would like to see at Reports > Device Compliance, to not see only the devices that are not compliant, but also see the reason why the device is not compliant. Now i have to navigate to every single device to see what the reason is why it is not…
Intune ios device shows not evaluated on overview but shows compliant in device compliance
We recently setup Intune and have enrolled a couple of devices using the webenrollment method. The devices will enroll but they remain Not Evaluated on the overview page. When I go to device compliance it shows the default device compliance policy as…
unable to create work profile in my Oneplus-Nord 2T mobile phone
I am facing problem while setting 'company portal work profile'. My phone model- Oneplus Nord-2T, Android 14 version, Oxygen OS. While setting the app it is showing '' we are unable to create your work profile. Your device might not support work profile…
Intune for Ubuntu - Access Denied to Office 365 Files Despite Device Compliance
Hello, I'm facing an issue with Microsoft Intune on my Ubuntu device. Until yesterday, everything was working fine. However, now I’m unable to access files on Office 365 (e.g., SharePoint and OneDrive). I keep receiving an "Access Denied"…
Prevant Offboard Devices get ip from DHCP Server
Hi, There is a way to prevent offboard device or non-compliance device to get ip from dhcp server? Even add the mac address to deny list when there is a non-compilance device (on the computer is not installed microsoft defender for endpoint) I would…
How to send notification to admin, when device goes non-compliant?
Hi Is it possible to create a notification to admin, when some device goes non-compliant in Intune? I can only find a way to send notification to end user..
Policy for Updating google chrome
I needed to create a policy in Intune to always update Google Chrome to the latest version automatically on all my registered devices. Is this possible?