Conditional access for mobiles: Android and iOS
Hi everyone, I am asking for support, When I try to add a business account in a native application such as gmail on an unregistered cell phone, after specifying only the business email address and domain password = access is not possible (correct…
Can Intune detect if a device is in motion and block it
Can Intune detect if a device is in motion and block it?
Question regarding Microsoft Admin Portals app in Conditional Access
If I block access to resource "Microsoft Admin Portals" app from other users than admin users, do I also block normal user or guest user access to Windows Azure Active Directory, so that normal users or guest user can register their 2FA to…
Protecting data on BYOD devices
Hi everyone, We have sixth form students using BYOD, and we're looking for advice on how to protect data on these devices, specifically for Microsoft 365 resources. I've tested Windows app protection for Edge, but students are also accessing data through…
The Copilot iOS app fails against Conditional Access
Copilot iOS fails against conditional access with a failure reason of : Application does not meet the conditional access approved app requirements. Application used is not an approved application for conditional access. User needs to use one of the apps…
Signing an audit App Control for Business (WDAC) Policy Doesn't Log Events?
Hello, We have several App Control for Business policies deployed on our fleet of machines, several of them are signed and enforced. We had one policy in audit mode (unsigned), and the Code Integrity logs for this policy came in just fine. No issues…
Urgent Help Needed: Tenant Lockout - Conditional Access Policy
We have been unable to access our tenant for nearly three days now due to a problematic Conditional Access policy. During this time, we've engaged in numerous conversations with various Microsoft support representatives and technicians. Unfortunately,…
Configuring New Windows LAPS Settings added in Windows 11 24H2 via Intune
Windows 11 24H2 introduced new Windows LAPS settings, including the ability to use passphrases as passwords and the automatic creation of the managed local account that LAPS utilizes. In Intune, under the Account protection security blade, the Windows…
Everyone locked out of tenant due to a faulty Conditional Access Policy
We have been locked out of our tenant for almost 2 weeks now due to a faulty Conditional Access policy. During this week, there have been several conversations with a number of Microsoft support technicians, none of which seemed to have an understanding…
TENANT LOCKOUT - FAULTY CONDITIONAL ACCESS POLICY
We have been locked out of our tenant for almost 3 weeks now due to a faulty Conditional Access policy. During these 3 weeks, there have been countless conversations with a number of Microsoft support agents/technicians, none of which seemed to have an…
Securing break glass account for access from multiple geographical locations?
Based on this news announcement…
Bitlocker configuration - Password complexity to encrypt USB storage
Hi everyone, I have created a configuration profile in Intune to prevent users from writing information to unencrypted USB storage. Doing the encryption test on a storage USB, I see that it asks you for a password. Supposedly, the password complexity…
Active Directory Password Policy: Changing the [Mast Change] Attribute
Hello everyone, Is there an article that specifies how to change the [Mast Change] attribute in Active Directory? I need to modify this parameter for some users to enforce a password change (bypassing the Default Policy - GPO). Are there any certified…
Resolving Blocked SMTP Access for certain user in Odoo Service
The user [email protected] has been blocked due to security defaults. While I can sign in normally, I am unable to use SMTP in the Odoo service because of this account being blocked. I aim to mark this account as safe, which I can manage, but I also…
Conditional Access Policies to allow Guests to Teams
Hi We have a Conditiona Policy to require Compliant Device to access any data/app in MIcrosoft 365 cloud service. We have Microsoft 365 Business Premium licenses. We have a need to allow Guest users to access Teams teams, they are invited to. For this,…
ARM Processor with Windows 11 Home is not allowing Checkpoint SSL Network extender
We are not able to use following Application on below Microsoft Laptop. Not allowing to run : Checkpoint SSL Network extender & Checkpoint VPN on Below Laptop. Microsoft Surface Laptop 7 Copilot+PC ZGM-00080 Qualcomm Snapdragon
Windows Hello - DisablePostLogonProvisioning Intune CSP fails on some client
Hello, we're about to deploy Windows Hello for Business (WhfB) in our Hybrid environment. For that, we're using the Account Protection policy to enable WhfB scoped on user groups. At first, we don't want to force users to enroll WhfB, for which we like…
Cant remove work or school account from personal PC
recently left an organization and my ID there was disabled. When employed there, I used my personal PC for work as well as my own stuff. Now I get frequent requests to log in to my Work or School Account. How do I remove the Work account from my personal…
How can I enable and configure Multi-Factor Authentication (MFA) for all users in Microsoft 365, and what are the recommended steps for a smooth rollout?
I’m setting up Multi-Factor Authentication (MFA) for all users in Microsoft 365 through Azure Active Directory, aiming for a smooth rollout. I need guidance on both enabling MFA across the organization and the best way to configure it to avoid…
Intune Wrapped App Access Blocked for User – "This app has not been set up" Error
Hello, I am facing an issue where an Intune-wrapped app is showing the following error message when a user tries to access it: "App access blocked: This app has not been set up for [email protected] **to use. Contact your…