Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

bally

My feedback

  1. 29 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Ideas » Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
    bally commented  · 

    This looks to be resolved with Windows 10 1809.

    Silent BitLocker and Windows RE status remains enabled.

    bally commented  · 

    When you enable BitLocker it will present the following message: "You will no longer be able to use Windows Recovery Environment if you enable Bitlocker".

    At this point the recovery partition is no longer available. If you manually try to reset the machine via: Settings > Update & Security > Recovery > Get Started > Remove everything

    You will get the message:

    Could not find the recovery environment.

    However, it looks like if you run:

    reagentc /enable (deploy via GPO or SCCM, needs to be run as admin)

    It will create a recovery partition after you have enabled BitLocker. Tested this with 1709 and has worked on one machine.

    You could run into trouble with the sizing of the partition as per:

    https://social.technet.microsoft.com/Forums/en-US/90bf996d-3395-46d2-b69d-94b514e6e116/bitlocker-setup-was-unable-to-move-windows-recovery-environment-to-your-new-system-drive?forum=win10itprosecurity

    Will test this with additional machines and will provide an update

    bally supported this idea  · 
  2. 138 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Ideas » Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
    bally commented  · 

    Hi Microsoft,

    Can you please advise on this?

    We are using 1809 with hybrid join and as per the problem statement, this is confusing for deployment.

    The keys are stored in local AD rather than AAD or the user AAD profile.

  3. 280 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Ideas » Remote Assistance/Control  ·  Flag idea as inappropriate…  ·  Admin →
    bally commented  · 

    Can Quick Assist also be locked down to specific users? I find it out that anyone in the world can connect to corporate devices via Quick Assist

  4. 1,112 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    87 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the comments, just a few questions to the gallery.

    What platform is this issue with. I’m only seeing IOS devices in your comments, so wanted to double check.

    Also, are you having this issue with shared devices or just re-deployment? Unclear from all the comments. Do you want to keep all installed apps on the devices? Depending on your platform, you should be able to already do this for shared devices.

    bally commented  · 

    Windows 10 devices as well please. Also when using the DEM account, I should then be able to assign this to the end-user

    bally supported this idea  · 
  5. 14 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Ideas » Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
    bally commented  · 

    Yep concur with this... the only workaround is to change the name of the OMA-URI from .../Office16ADMX to .../Office16ADMX2.

    This will then apply new settings added to the string... however, it does not remove existing settings if they are no longer listed. Not sure what is does to existing settings that remain, which might have had GPO settings changed.

    Also, what are the implications with the new Administrative Templates features which was discussed at Ignite: https://oliverkieselbach.com/2018/09/29/ignite-2018-my-wrap-up/

    If I implement the Office 2016 ADMX ingestion, will the settings clash with the new feature update?

    Seems very beta all of this... the only way I can truly update an ADMX policy today is to delete the keys listed under:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\AdmxDefault and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Admxinstalled

  6. 85 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Ideas » Apps (all platforms)  ·  Flag idea as inappropriate…  ·  Admin →
    bally commented  · 

    Hi Microsoft,

    Any update on this? As stated, if we are looking to move to the internet to deploy and patch Office 365, what is the method of ensuring that we do not flood the network?

    I appreciate that the download sizes are minimized as per:

    https://docs.microsoft.com/en-us/officeupdates/download-sizes-office365-proplus-updates

    However, if you have 1,000 devices all connecting out on the same internet pipe this isn't a great scenario.

    bally supported this idea  · 
  7. 9 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Ideas » Azure Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
    bally commented  · 

    Is there any update on this? There is an unnecessary additional cost to the business to allow users to administer Intune when using RBAC.

    bally supported this idea  · 
  8. 3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Ideas » User Management  ·  Flag idea as inappropriate…  ·  Admin →
    bally shared this idea  · 
  9. 548 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    29 comments  ·  Ideas » Windows-specific  ·  Flag idea as inappropriate…  ·  Admin →
    bally supported this idea  · 

Feedback and Knowledge Base