Duse explained the scope tags and explained why the scope tags section in the "custom role" part is confusing and yet left the audience confused. Bravo!!
@@IntuneTraining how do you suggest using dynamic groups in terms of identifying devices? I think I figured one way via our naming scheme and using a dynamic group that way. Was very odd I couldn't find much info on this.
Thank you for the many videos, Do you have to have an AAD role to allow access to intune and what is the most restrictive AAD role you can set allowing this access?
Is it possible that you can create a video showing how a Windows 10 AAD registered device is converted to a hybrid AAD join device? Thank you for the many great videos from you! =)
Love your work guys! Keep it up! One thing I ran into is that the permission to read device's Bitlocker key is an AAD permissions and not Intune (microsoft.directory/bitlockerKeys/key/read) which makes it impossible to give the regional IT person access to read Bitlocker keys of their scoped devices without giving them Security Reader/Device Administrator/Helpdesk Administrator in AAD which is not subject to Intune scoping. Any ideas?
This seems very confusing. Watching the video many times to understand. It's worth writing a detailed article about this. I can't find this content anywhere.
The really confusing thing must be when you have compliance/config defaults and then someone with the right to create compliance/config for a specific scope comes in and adds their stuff no ? Then you end up with confusion and conflict. I say this because I'm managing Intune for my company and we have to give some rights to the IT for one of our divisions - but only on devices of theirs, not other divisions.
Duse explained the scope tags and explained why the scope tags section in the "custom role" part is confusing and yet left the audience confused. Bravo!!
U are doing great work, present everything clearly but with a sense of humor. Thanks
Great video!
Amazing Content
Is there anyway to dynamically assign scope tags to devices? I feel like I'm missing something.
May groups with dynamic membership rules. Then assign scope tags to all group members.
@@IntuneTraining how do you suggest using dynamic groups in terms of identifying devices? I think I figured one way via our naming scheme and using a dynamic group that way. Was very odd I couldn't find much info on this.
Thank you for the many videos, Do you have to have an AAD role to allow access to intune and what is the most restrictive AAD role you can set allowing this access?
Great video! This has been confusing me so much
Is it possible that you can create a video showing how a Windows 10 AAD registered device is converted to a hybrid AAD join device?
Thank you for the many great videos from you! =)
Love your work guys! Keep it up!
One thing I ran into is that the permission to read device's Bitlocker key is an AAD permissions and not Intune (microsoft.directory/bitlockerKeys/key/read) which makes it impossible to give the regional IT person access to read Bitlocker keys of their scoped devices without giving them Security Reader/Device Administrator/Helpdesk Administrator in AAD which is not subject to Intune scoping. Any ideas?
This.
Because i have given everyone in my environment that need to enroll devices "Intune Administator" lol. please make it make sense !
This seems very confusing. Watching the video many times to understand.
It's worth writing a detailed article about this. I can't find this content anywhere.
The really confusing thing must be when you have compliance/config defaults and then someone with the right to create compliance/config for a specific scope comes in and adds their stuff no ? Then you end up with confusion and conflict. I say this because I'm managing Intune for my company and we have to give some rights to the IT for one of our divisions - but only on devices of theirs, not other divisions.
AAD Adam. AAD not AD :D you guys are funny and please keep talk with your mouse, it is funny.