Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Ben Nichols

My feedback

  1. 392 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    37 comments  ·  Ideas » Intune PC client  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Nichols commented  · 

    Im still seeing this occur frequently. On a tenant with approximately 60 Windows 10 devices, we are seeing 1 to 2 per day fail with this error.
    The only current resolution is to exempt the device from the compliance policy, wait 24 hours, then remove the exemption. This seems to reset the evaluation of the policy and it then works (however it seems its likely to reoccur, often the same device errors again within a week).
    This is a massive issue, as users are locked out of all services when a device errors and it takes a couple of hours for the workaround to kick in.

    Ben Nichols commented  · 

    Im seeing this get worse. Many devices falling out of compliance for Windows Firewall, Anti-virus, Code Integrity and/or Secure Boot - or any combination of those. All are ok on the machine itself, they just report as non-compliant.
    Just this week about 20% of an entire estate of machines decided to fall out of compliance on Secure Boot and Code Integrity for no apparent reason. It is causing significant problems as users cannot work when a machine goes non-compliant.

    Ben Nichols commented  · 

    I too am beginning to see this appear a lot in the last week.
    It previously occurred in January and a backend fix was implemented, along with improvements in Windows 10 1903 - all was ok for a couple of months. Now I am seeing many devices fail compliance with errors like this, this is over multiple tenants too.

  2. 321 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Ideas » App protection policies (APP/MAM)  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Nichols supported this idea  · 
  3. 1,094 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    70 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Nichols supported this idea  · 
  4. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Ideas » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Nichols shared this idea  · 
  5. 80 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Ideas » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Nichols commented  · 

    This is critical as Office 365 services support ipv6, so client IPs are also logged in Azure AD with their IPv6 addresses - so their prevents all location based conditional access policies working.

    Ben Nichols supported this idea  · 
  6. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Ideas » Autopilot/Windows enrollment  ·  Flag idea as inappropriate…  ·  Admin →
    Ben Nichols shared this idea  · 

Feedback and Knowledge Base