Intune Settings Rundown - 2406

Intune Settings Rundown - 2406

Introducing a new (semi) regular feature to document interesting new or updated Intune policy settings and UI changes in an easily digestible format!

Note: UI changes can sometimes take time so may not be visible immediately in your tenant.


Updated Nav Bar UI

Hot on the heels of the (somewhat contentious) Azure Portal navigation updates, the left hand navigation bar sections can now be collapsed:


Autopilot Device Preparation

Autopilot Device Prep (ADP) is seeing some (much needed) tooltip updates to make it clearer what various settings do.

Deployment mode

"Deployment mode controls if a user needs to provide credentials in order to provision the device."

Deployment type

"Devices are associated with the user enrolling the device and user credentials are required to provision the device"

Join type

"Specify how devices join an identity provider in your organization."

Additionally, "Azure AD joined" has been renamed to "Microsoft Entra joined" and has the below description which is only viewable in the JSON:

"Cloud-only without an on-premises Windows Server Active Directory"

User account type

"Specify whether users are administrators or standard users on the device. Note that this setting does not apply to Global Administrator or Company Administrator accounts. These accounts cannot be standard users because they have access to all administrative features in Microsoft Entra ID."

Custom error message

"This message will be displayed if an error occurs during deployment."

Allow users to skip setup after multiple attempts

"Allow users to continue to desktop if deployment fails."
"A link will be displayed for users to collect diagnostic logs if deployment fails."

Microsoft Edge

Some new policies added for Edge v125:

ImageEditorServiceEnabled

Policy Name:
Enable the Designer for Image Editor feature
Settings Catalog Location:
Microsoft Edge
Policy Tooltip:
Lets users access and use the Designer for Image Editor feature to edit an image they select. If you enable or don't configure this policy, users can access and use the Designer for Image Editor feature in Microsoft Edge. If you disable this policy, users can't access and use the Designer for Image Editor feature in Microsoft Edge.
Settings:
Enable / Disable
Separate User Scope Policy Available?
Yes

QRCodeGeneratorEnabled

Policy Name:
Enable QR Code Generator
Settings Catalog Location:
Microsoft Edge
Policy Tooltip:
This policy enables the QR Code generator feature in Microsoft Edge. If you enable this policy or don't configure it, the QR Code Generator feature is enabled. If you disable this policy, the QR Code Generator feature is disabled.
Settings:
Enable / Disable
Separate User Scope Policy Available?
Yes


Microsoft Defender

Updated Device Control Settings

As noted in the In Development page:

New file-level Device Control settings are available via:
Endpoint Security > Attack Surface Reduction > Device Control

Important to note that these settings will work on servers managed by MDE!

DisableCoreServiceTelemetry

A new configuration available via Settings Catalog or Endpoint Security>Antivirus.

Description:

Turn off OneDsCollector telemetry for Defender core service.

Settings:

  • 0x0 (Default) - The Defender core service will use the OneDsCollector framework to rapidly collect telemetry.
  • 0x1 - The Defender core service stops using the OneDsCollector framework to rapidly collect telemetry, impacting Microsoft's ability to quickly recognize and address poor performance, false positives, and other problems.
Defender CSP - Windows Client Management
Learn more about the Defender CSP.

Note that this option is microsoftSense enabled if deployed via the Endpoint Security blade and can impact servers.


Thanks for reading, and stay tuned!

James Robinson

James Robinson

With 20 years of experience, James is a Principal Consultant specialising in Modern Workplace and End User Compute technologies, with a focus on Modern Management and Cloud-Native endpoints.
Brighton(ish), United Kingdom