My magic wish would be to align Intune and AAD RBAC. I don't want to have AAD RBAC and Intune RBAC, there should be only one RBAC system to rule them all. To give up PIM when I use Itnune RBAC is not the way to go. Everything should be available with PIM even the Intune roles. please merge both systems somehow...
I've written a blog post how to do this with Intune with a little helper. See here:
How to enable Pre-Boot BitLocker startup PIN on Windows with Intune https://oliverkieselbach.com/2019/08/02/how-to-enable-pre-boot-bitlocker-startup-pin-on-windows-with-intune/
Agree and in the meantime you can use Intune Management Extension to do that with a custom script logic.
Thanks, @Nathan. If there’s consensus that Known Folder Move meets the requirements of this request, I can call it “started”
“We are working to integrate the ADMX/ADML packages KFM with Windows Intune later this year.”
223 votesOliver Kieselbach shared this idea ·
Correct me if I'm wrong but I thing it is supported. See here:
For the release the week of Nov 6:
Admins can now configure the Firewall settings on a device using a device configuration profile
Admins can turn on firewall for devices, and also configure various protocols for domain, private, and public networks. These firewall settings can be found in the “Endpoint protection” profile.
Hey Cathy I think the request targets the compliance check not the ability to configure it. We want to see the compliance check if AV is enabled and FW is enabled like we already have for e.g. if BitLocker is enabled. Is this something you are planning or started already?
in addition search ability by serial number. during operations dealing with spare devices or vendor support we often have devices in unknown state and do not know the last user of it. In general there is a tag with the serial number on the device. So it would be very useful to lookup the device by serial number to find the last user and information about the device.