CloudManagement.Community
CloudManagement.Community
Modern Endpoint Management. Technology channel for everyone interested in Modern management with Microsoft Intune, SCCM and Azure related content. We hope to bring a different perspective around the journey to modern management and provide up to date tips, demonstrations and latest news on the topic.
Find more details and content at:
Find us on Twitter
Dean Ellerby - Microsoft Enterprise Mobility MVP, Microsoft Certified Trainer, and Workspace Solution Architect
twitter.com/Dean_Ellerby
www.linkedin.com/in/deanellerby/
www.udemy.com/course/learn-intune/?referralCode=0751E019FC0DD131052C
Andy Jones - Microsoft Technical Architect - Enterprise Mobility MVP.
twitter.com/Andy_69Jones
www.linkedin.com/in/andrew-jones-65a67b59/
move2modern.uk/
Пікірлер
Excellent,Excellent,Excellent,Excellent video. Thank you so much!
Excellent,Excellent,Excellent,Excellent video. Thank you so much!
this is a crazy nice feature! love it and i know MS will coninue to improve it! Will be interesing to see how it works when sent to domains outside the org or regular free email providers like gmail and yahoo though.
Have you had any exsperience with configuring this with LOB apps?. i tried, and the apk file/app doesn't show up in the apps to choose when setting up the config profile for manage home screen 😮💨
Thx very much for the Guide. Just wondering how to achieve the procedure with a lot of apps (msi &win32 )? Got always an error when it comes to the last step of the installtion User Account
Thanks mate - just ran through this with Windows 11. Some minor changes in Intune and OOBE, but still very relevant. One issue I keep running into is policy forced restarts during the pre-provisioning stage. I think this is due to some password policies that we enforce. If I allow the restart it will never finish - I need to open command line (with Shift + F10) and run "shutdown -a" to skip the restart. Not ideal but works for now.
Is there a video of part 1 ?
Forensit Prowiz was designed exactly moving existing computers to another domain, azure AD or other combinations without a wipe.
Do you have a video which is more designed for absoute beginners? This all feels a bit rushed and designed for people who are more familar with the products than I am? :)
A video about Intune, or Hybrid Cloud Kerberos Trust?
@@theCMC cloud trust and or windows hello.
my company has default domain xxxy.local how can i add it ? can u tell me ?
So microsoft intune is free or paid service?
Thank you for posting real life and not the pre-stage expirience. It makes me feel better to know that it is not me and that others are in the same boat. Thank you.
Did you every post the 3rd edition of the Hybrid joined Autopilot, will really help. Thank you
How can i deploy Windows Autopatch on Servers by Intune? i neen some complement apart?
I keep getting error 5 any ideas?
Thanks sir, I was having issues putting in the correct data into GoDaddy. Helped to have your screen as a reference to compare to. My custom domain is now verified!
Why clients don't work? The guide says client 1-2 are domain joined but when you take connect to any of the client, it throws an error any idea why???? Like windows corruption etc on clients
how about the external email party? i pressume the recipent didn't trust the Microsoft cloud pki CA cert, so it is quite strange for users to send the encrypted email to external, is it right?
you are assuming that people trust the OEM OS build fuck stick......
Any idea why my VPP token won't populate when creating a Profile?
This device remote feature works on iphones as well ? Edit: Only supports those platforms Windows 10/11 Windows 11 em dispositivos ARM64 Windows 10 em dispositivos ARM64 Windows 365 Android Enterprise Dedicado (dispositivos Samsung e Zebra) macOS 12, 13 e 14
If we already own for example 50 iphones, will this method work? Or do they have to be phones bought after the fact you've signed up and purchased them through the Apple Business Manager?
You can setup ABM before purchasing Apple devices. Then either have your distributor or Apple add the devices to ABM as you buy them. If you have devices before you setup ABM then retrospectively have your distributor add them if that’s possible or the alternative is add them manually but that’s time consuming. See other videos for the manual process
An excellent detailed coherent logically constructed video - if only all instructive video's were this incisive & clear! 👍👏
Thank you for the great feedback 🙏
2 years later and this video still holds up!!! I caught my issue the first few minutes in but decided to stay and verify everything else was set and wow! Great video my man, thank you!!
Thank you! Funny you should mention that - I released the updated version this week! kzread.info/dash/bejne/p45mpalup5yYcdI.htmlsi=2q-2oHMJhKoSQ_pE
@@theCMC dang! That is a coincidence! I will be reviewing that in the AM when I’m working on my new tenet’s Autopilot setup before I roll it out for the first test drive! Cheers mate!
This video demonstrates how to manually add an iPhone to Apple Business Manager (ABM) using the Apple Configurator app. Here's a summary of the key steps: 1. Prerequisites: o Apple Configurator 2 or above installed on a Mac running macOS 12.4 or later. o Your iPhone must be reset to factory settings. o You need an Apple Business Manager account. o You need an MDM server, like Microsoft Intune, to manage the device. 2. Create a Wi-Fi profile: o This profile is used by the iPhone to connect to your network and access Apple activation services. 3. Add iPhone to ABM: o Connect your iPhone to your Mac. o Open the Apple Configurator app and select your iPhone. o Prepare the device by erasing it. 4. Assign to MDM Server: o In ABM, assign the iPhone to your MDM server (e.g., Intune). 5. Enroll in Intune: o After the device is assigned to your MDM server, you can then enroll it in Intune. This process will be covered in a separate video. Important Points: • Manually added devices have a 30-day provisional period before they must be removed from ABM or MDM. • The device will be erased during the process, so make sure to back up any important data. • You will need to generate a supervision identity and choose your network profile during the preparation process. • The video mentions that some users may encounter an error during the preparation stage. If this happens, it may still be possible to add the device to ABM, but you will need to assign the device to your MDM server afterwards. Overall, this video provides a step-by-step guide on how to manually add an iPhone to ABM using the Apple Configurator app. It is a useful resource for anyone who needs to add existing devices to their Apple Business Manager account.
At what point do you get asked to set up MFA for new user?
MFA is a user identity security process. Its not until the end user then switches the device on and enrols with their credentials and MFA if switched on will appear. The end user experience will also go through the ESP setup. You will see the MFA prompt at 25:18 in this video.
Really well explained, Thanks!
Thank you glad you liked it 🙏
Does anyone know how to get get past the banner limit? Our legal disclaimer is longer than what Intune for Mac allows.
lol if your lucky…. Everything fine…
The prompt before sign-out is not new, i've configured it month ago. But it was broken. I will try monday if it fix now
How did you get on ?
Hi Andy - thanks for the video series it's really helpful. I've recently purchased a MAC and wanted to add it to apple BM manually. I didn't realise you needed an iPhone to do this so I've now acquired an Iphone.... So my question is what order do I need to get these devices enrolled? Ive got my apple business manager account setup and connected to Intune. But when I sign into the app store on my Mac to get the configurator app its greyed out. So I have to use another apple ID to get it. Now I've got it, do I first need to setup the configurator on my mac, enrol the iPhone & then use configurator on the iphone to enrol the mac? Thanks
how come i dont get the add device to org page ??
Hold your iPhone close to the macbook while configurator 2 scanner is opened. It works via BT I guess.
Nice thing about this, you can use this as rollback too. Select to uninstall new and install old.
Great show, thank u
can you not a a device that is already setup ?
It needs to be erased. support.apple.com/en-gb/guide/apple-configurator/apd738b2e516/1.1/ios/17.0
I want to add existing intune macos devices to Apple business manager. is that possible ?
Only by using Apple Config v2 on an iOS device. But you will need to wipe an re-enrol
@@theCMC hi, i was able to figure this out. now im thinking since I have intune. does it make sense to setup user accounts for users on abm or just focus on managing them on intune:?
getting topic id doesnt match the existing certificate
Did you resolve this. Do you have a screenshot ?
Great video with clear instructions. Thank you - it worked beautifully.
Why is it necessary to assign the MDM server .... If not assign the server then devices will not replicate in the intune
Thanks for video, do you know if this is compatible with Google Zero Touch? It's a shame the user enrollment stage isn't slightly more simple, I'm not sure our end users would be able to figure this out on their own (especially being that they sign into 'Intune' rather than 'Company Portal' which they are used to). I will give this a try with a small group of users.
I’m guessing they will be 2 different enrolment options as G zero touch is there to simplify the whole enrolment experience, but worth looking into 👍
What if the uninstall file is in an app data folder? How would you translate that without using the user name? %appdata%?
Great question. Let me test. I’ll get back to you.
@@theCMC I think its %appdata%\ so for example zoom would be C:\Users\<user>\AppData\Roaming\Zoom\uninstall translates to %appdata%\zoom\uninstall
@@theCMC Confirmed, see other reply
Thanks for being the first to demonstrate the new Android Device Staging enrolment on KZread. I got to test out the new enrolment method this week since it was announced. I tested the enrolment on Android Enterprise Corporate-owned fully managed. However, I observed an issue with the PIN code setup during testing. Current Behaviour: • Users do not receive a prompt to set up a device PIN code after completing device registration. • Intune marks the device as non-compliant and emails the user to set up a PIN code. Desired Behaviour: • The process should prompt users to set up a PIN code either before or immediately after device registration. Observations: • There is no notification prompt for PIN code setup when users sign in to the Intune app to complete device registration. • The prompt only appears after the device syncs with Intune and undergoes a compliance policy check. • This approach is not user-friendly and could pose a security risk if a device is left unprotected without a PIN code. Have you noticed that yet?
Exactly the same experience here. Big down side with regards to forcing the user to set a pin. That will unfortunately cause more help desk tickets. Another thing I struggled to get fully deployed during the staging was the MS Launcher. All policies and profiles relating to the launcher were device assigned, but I just couldn't get the launcher to be the default home screen during the staging. This led to a less than perfect user experience, receiving a phone without company branding and without a customised home screen until a few mins after they sign into Intune Company Portal. Missed opportunity to give a really smooth user experience.
Thanks good feedback
@@ScottdMest looks like I'll be sticking with the old method until Google/Intune figure out a better way to deploy the policies correctly
Am going to look into this issues
Also, the sign-in to the intune app should be forced without anyway to bypass otherwise some will just never sign in
Thanks, useful stuff
My child was a month old when you made this video, what blast from the past.
😅
June 2021… wow.
Failed to add application on 04:26 , Showing error : We didn't find any results for 7zip. Kindly help
Please upload more videos to understand how to manage ISO and mac devices effectively from intune
Dinesh have you seen my other videos in the playlist ? Is there anything specific you are looking for ?
Is it possible for a user to BYOD and have a local personal account along with a work local account? Keeping all data separate?
Marcus, with user enrolment after authentication and enrolment to Intune a managed Apple ID account is added to the device for accessing configured Apple services and apps. This can coexist with your local account so access to personal data still exists and is separate yes. Have a look here support.apple.com/en-gb/guide/deployment/dep23db2037d/web
i'm looking to do this transfer from hybrid to entra ID AD joined , is this still the best way (other than wipe and load) given this video is over a year old ?
intune requires any on premise access drive mapping, printer access, vpn etc how to implement requires network connection configuration from on premise network to Azure network?
If only it would run immediately after device setup and create the local account like Jamf Connect does.