TSP Logo TSP Wiki
Docs
TSP Wiki

    Intune FAQ's

    Pre-Onboarding Guidelines

    Request VPN Profiles: If you are currently using a local account, please request new VPN profiles before starting the onboarding process.

    Verify Microsoft 2FA: Ensure that Microsoft 2FA is enabled and available in the Microsoft Authenticator app.

    How to onboard a device into Intune

    Guide for Onboarding device to Intune

    How to Enable BitLocker

    1. Open BitLocker Drive Encryption:

      • Open the Control Panel.
      • Navigate to System and Security -> BitLocker Drive Encryption.

    2. Turn On BitLocker:

      • Find the drive you want to encrypt (typically the C: drive) and click Turn on BitLocker.

    3. Choose How to Unlock Your Drive:

      • Select your preferred method to unlock the drive at startup (select password)

    4. Backup Your Recovery Key:

      • Choose where to save the recovery key. Select Print and download the Recovery Key. (This was uploaded during the laptop registration process)

    5. Select What to Encrypt:

      • Choose either Encrypt used disk space only (faster) or Encrypt entire drive (slower but more secure).

    6. Choose Encryption Mode:

      • Select New encryption mode (best for fixed drives on this device) or Compatible mode (best for drives that might be moved to older versions of Windows).

    7. Start Encryption:

      • Click Start encrypting and wait for the process to complete. This may take some time depending on the size of your drive and the amount of data.

    8. Verify Encryption Status:

      • After encryption is complete, go back to Control Panel -> System and Security -> BitLocker Drive Encryption to ensure the drive status shows BitLocker on.

    How to Enable Windows Defender Antivirus

    1. Open Windows Security:

      • Press Win + I to open the Settings app.
      • Go to Update & Security -> Windows Security.

    2. Open: Virus & Threat Protection

    3. Turn On Real-Time Protection:

      • Under the Virus & threat protection settings, click on Manage settings.
      • Ensure that the Real-time protection switch is turned on.

    4. Update Virus Definitions:

      • In the Virus & threat protection window, under Virus & threat protection updates, click Check for updates.
      • Click Check for updates to ensure that Windows Defender is using the latest virus definitions.

    Important Note

    Please disable and uninstall any other antivirus software from your device. This includes software such as McAfee, Kaspersky, and other third-party antivirus programs.

    How to Enable Windows Firewall

    1. Open Windows Security:

      • Press Win + I to open the Settings app.
      • Go to Update & Security -> Windows Security.

    2. Open: Firewall & Network Protection

    3. Check Firewall Status for Each Network:

      • You will see three network profiles: Domain network, Private network, and Public network.
      • Click on each network profile to check the firewall status.

    4. Enable Firewall:

      • For each network profile, ensure that the Windows Defender Firewall switch is turned on.

    How to Verify Windows Defender Status

    1. Check Windows Security Center:

      • Press Win + I to open the Settings app.
      • Go to Update & Security -> Windows Security.
      • Ensure that there are no warnings or alerts under Virus & threat protection and Firewall & network protection.

    2. Running a Quick Scan:

      • In the Virus & threat protection window, click Quick scan to ensure that Windows Defender Antivirus is actively scanning your device.

    How to Ensure Password Policy Compliance

    • Password Length: Your password should be at least 10 characters long.
    • Character Requirements: The password must contain both letters, numbers, and symbols. (alphanumeric).

    How to Manage User Accounts

    Part 1: Removing Additional Accounts

    1. Open Settings: Press Win + I

    2. Navigate to Accounts:

      • Go to Accounts -> Email & accounts.

    3. Check for Additional Accounts:

      • If you see an account other than your TSP email account, please back up any data associated with that account and then delete it.

    Part 2: Switching to Your TSP Account

    1. Log Out and Switch Users:

      • Press Win + L to lock your screen.
      • In the bottom left corner, select Other user.
      • Sign in using your TSP email and password that is at least 10 characters long and alphanumeric.

    2. Set Up Your TSP Account:

      • Once signed in, download and install all required software (e.g., Bitwarden, Pritunl, etc.).
      • If you have any data that needs to be backed up, upload it to Google Drive or OneDrive from your personal account.

    Part 3: Removing Your Personal Account

    Important Note

    Please remove your local accounts only after all the required files are backed up on the onedrive cloud.

    1. Open Settings:

      • Press Win + I to open the Settings app.
      • Go to Accounts -> Email & accounts.

    2. Select Your Personal Account:

      • Click on your personal account.
      • Click Manage, which will redirect you to the Microsoft account website.

    3. Remove the Device from Your Account:

      • Ensure you are signed in to your personal account on the Microsoft website.
      • Navigate to Devices.
      • Find your device and click Remove device.

    How to remove other accounts

    1. Open Settings with Win + I

    2. Navigate to Accounts.

    3. Select Other users.

    4. Select the Account to Remove:

    5. Under the Other users section, click on the local account you want to remove.

    6. Remove Account:

      • Click on Remove.
      • Confirm the removal by clicking Delete account and data.
    Edit this page on Gitlab