The video is back, uploaded earlier, then it was set to private, now its back 🙂, very nice video thanks! Starting using Platform SSO, it's working nice!
When iam starting the company portal he wants to set up intune enrollment. But this was setting up at start so i dont understand why. All enrollment profiles are already installed but the portal show up its not enrolled. Any advice?
We are having the same issue with our environment. We are using Enroll with User Affinity with Setup Assistant with modern authentication and the PSSO Configuration policy is set with the Password method instead of User secure enclave key. Everything with the register popup notifications work just fine. However, when we open the CP, it has a Begin button and wants us to begin the enrollment process. Shouldn't it already be enrolled and just take us to the CP Main screen where the device is listed?
@@-MattPierce I solved this issue in my case. The user who enrolled the mac was a „device enrollment manager“ in intune. This role have some restrictions in some features. All other users had worked
Howdy I.T Training! I was wondering if you would consider doing a new Intune/MacOS PSSO video using the password method instead of the User Enclave method and step us through it all. My understanding is that we shouldn't need to use the CP to do the enrollment where it wants to download a new management profile. Currently, ours is doing this and we aren't sure why. Thanks for the consideration.
If deploying in Single User Affinity mode, what about a local admin account or some way to remotely manage the device? What if the user leaves and we need to scrape their data?
Question, One of my big hopes for platform SSO. We're a bit behind on the mac config and the colleagues using mac keeeeeeeep forgetting their local password. Having SSO in my head meant i'd be able to reset their password at worst for them as an admin. Using enclave, how do we reset that? I notice it doesn't appear on the passwords section of the account so no option for any kind of self service of it? I presume also not using enclave and using the password option instead isn't as simple as resetting the entra account password. I presume then it wont be the one paired on the device and therefore the reset would just put things out of sync? Been trying to get a bit of reading material on this online around these kind of scenarios but struggling to find the exact info so keen to take guidance from everyone on here who has more experience using this so far.
I have a question regarding Mac computer login. How can users log in using their Entra ID on existing Mac devices? Is it necessary for everything to go through Autopilot, or is there an alternative method?
Hi I have a question. Currently we have ABM as our ADE, and this is using JamF for Mac's. If we wanted to enable and use platform sso using Intune would we have to remove Jamf as only one MDM provider can be used per device category. So Macs can only be controlled by one MDM we can control ipads using a fifferent or same MDM? Alternatively we get our Jamf provider to package CP for us so we can utilize Platform SSO
![I.N "HALLUCINATION" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/n5B5q1Hwt_U/mqdefault.jpg)
The video is back, uploaded earlier, then it was set to private, now its back 🙂, very nice video thanks! Starting using Platform SSO, it's working nice!
Apparently we were a little early on the release :-)
When iam starting the company portal he wants to set up intune enrollment. But this was setting up at start so i dont understand why. All enrollment profiles are already installed but the portal show up its not enrolled. Any advice?
We are having the same issue with our environment. We are using Enroll with User Affinity with Setup Assistant with modern authentication and the PSSO Configuration policy is set with the Password method instead of User secure enclave key. Everything with the register popup notifications work just fine. However, when we open the CP, it has a Begin button and wants us to begin the enrollment process. Shouldn't it already be enrolled and just take us to the CP Main screen where the device is listed?
@@-MattPierce I solved this issue in my case. The user who enrolled the mac was a „device enrollment manager“ in intune. This role have some restrictions in some features. All other users had worked
how can we registered existing device without resetting?
Howdy I.T Training! I was wondering if you would consider doing a new Intune/MacOS PSSO video using the password method instead of the User Enclave method and step us through it all. My understanding is that we shouldn't need to use the CP to do the enrollment where it wants to download a new management profile. Currently, ours is doing this and we aren't sure why. Thanks for the consideration.
If deploying in Single User Affinity mode, what about a local admin account or some way to remotely manage the device? What if the user leaves and we need to scrape their data?
It is super easy to wipe the device via intune. It works way better than windows. If you click on wipe the device is wiped within 3 minutes.
Question,
One of my big hopes for platform SSO. We're a bit behind on the mac config and the colleagues using mac keeeeeeeep forgetting their local password. Having SSO in my head meant i'd be able to reset their password at worst for them as an admin.
Using enclave, how do we reset that? I notice it doesn't appear on the passwords section of the account so no option for any kind of self service of it?
I presume also not using enclave and using the password option instead isn't as simple as resetting the entra account password. I presume then it wont be the one paired on the device and therefore the reset would just put things out of sync? Been trying to get a bit of reading material on this online around these kind of scenarios but struggling to find the exact info so keen to take guidance from everyone on here who has more experience using this so far.
I have a question regarding Mac computer login. How can users log in using their Entra ID on existing Mac devices? Is it necessary for everything to go through Autopilot, or is there an alternative method?
Hi I have a question. Currently we have ABM as our ADE, and this is using JamF for Mac's. If we wanted to enable and use platform sso using Intune would we have to remove Jamf as only one MDM provider can be used per device category. So Macs can only be controlled by one MDM we can control ipads using a fifferent or same MDM?
Alternatively we get our Jamf provider to package CP for us so we can utilize Platform SSO
You can use Jamf connect, Jamf connect have the same sso feature.
Excellent tutorial. Would this also sync the device password to entra ID password?
Exacly! what will happen if the user changes the local user password?
my org has stopped further deployment of macs due to limitations re intune/mdm/sec/compliance - a reasonable call to make? i'm not sure what i think
Thank you! You don’t know how many times you literally saved my job 🫡