HopTechOne

Lesson 2: Intune Policy Creation and Troubleshooting

Lesson 2: Intune Policy Creation and Troubleshooting

I created a Settings catalog policy to block regedit for Eagle.Talon:

Issues: Policy blocked LocalAdmin unexpectedly (DisableRegistryTools = 2 in HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System). Eagle.Talon wasn’t blocked.

Steps: Devices > Configuration > New policy > Settings catalog > “Prevent access to registry editing tools” Enabled, “Disable regedit from running silently” Yes > Assign to “NotepadDenyUsers”.

Fixes:

Removed legacy registry key with PowerShell.

Ran SFC /scannow (no issues) and GPUpdate /force.

Checked gpedit.msc (Not Configured).

Ongoing: Recreating as user-targeted policy with “Disable regedit from running silently” No for clear error messages.

Key Takeaway:

User policies apply to HKCU, not HKLMโ€”test across accounts and use PowerShell for registry checks.

HopTechOne

, ,

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by