Hey everyone! I'm managing a tenant that's only licensed for Business Premium, so I don't have access to remediation scripts. Right now, I'm controlling updates using rings instead of auto patch. I'm curious, is there a way to effectively track the status of devices for secure boot certificate updates? Am I stuck having to create a platform script and gather the output into the Intune Management Extension folder? Would love to hear from anyone who's dealt with a similar scenario!
2 Answers
I’m dealing with this too! My devices need to be hybrid or fully joined for the reports to work correctly. Currently, my enrolled devices aren’t reporting at all, which is frustrating. Like my laptop shows the secure boot as enabled but also lists the status as 'not up to date'.
You might want to look into this Intune catalog setting for Secure Boot. Just enable 'Secure Boot Certificate Updates' which will help initiate the deployment of the necessary updates.

Thanks for the tip! I get how to deploy those updates, but I'm more interested in understanding the reporting aspect.
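Since the thread never gets past "deploy the update" to "see what state each device is in", here is an added example of the platform-script approach the question describes. It is not code from the original thread or from Microsoft; it queries the same things the Intune report is based on (Secure Boot state, whether the 2023 CAs are present in the UEFI db/KEK variables, and the servicing status values under the SecureBoot\Servicing registry key) and drops a JSON file into the Intune Management Extension Logs folder, which "Collect diagnostics" on the device page pulls back. The output file name, the mirror registry key and the Logs-folder path are assumptions; the CA subject strings are the 2023 certificate names Microsoft publishes. Deploy it as a platform script running as SYSTEM in the 64-bit PowerShell host (the SecureBoot module is 64-bit only).

```powershell
# Added example (not from the original thread). Assumed paths/names are marked.
$ErrorActionPreference = 'Stop'

# Assumption: IME Logs folder, which Intune "Collect diagnostics" includes.
$OutDir  = 'C:\ProgramData\Microsoft\IntuneManagementExtension\Logs'
$OutFile = Join-Path $OutDir 'SecureBootCertStatus.json'
# Assumption: a mirror key so the same values can be read by anything else you run later.
$MirrorKey = 'HKLM:\SOFTWARE\Contoso\SecureBootCertStatus'

function Test-UefiVarContains {
    # Returns $true/$false if the UEFI variable contains the given subject string,
    # or $null when the variable cannot be read (Secure Boot off, legacy BIOS,
    # not elevated, or running in a 32-bit host).
    param([string]$Name, [string]$Pattern)
    try {
        $bytes = (Get-SecureBootUEFI -Name $Name).Bytes
        return [bool]([System.Text.Encoding]::ASCII.GetString($bytes) -match [regex]::Escape($Pattern))
    } catch {
        return $null
    }
}

# Secure Boot enabled at all?  Confirm-SecureBootUEFI throws on non-UEFI systems.
$secureBootOn = $false
try { $secureBootOn = [bool](Confirm-SecureBootUEFI) } catch { $secureBootOn = $false }

# Values the Secure Boot servicing task records (names per Microsoft's guidance).
$servicingKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot\Servicing'
$servicing = Get-ItemProperty -Path $servicingKey -ErrorAction SilentlyContinue

$result = [ordered]@{
    ComputerName           = $env:COMPUTERNAME
    Timestamp              = (Get-Date).ToString('o')
    SecureBootEnabled      = $secureBootOn
    # Windows boot manager signing CA (must be in db before the 2023-signed bootmgr is used)
    Db_WindowsUefiCa2023   = Test-UefiVarContains -Name db  -Pattern 'Windows UEFI CA 2023'
    # Third-party / option ROM CA
    Db_MicrosoftUefiCa2023 = Test-UefiVarContains -Name db  -Pattern 'Microsoft UEFI CA 2023'
    # New KEK, needed so future db/dbx updates can be applied
    Kek_2023               = Test-UefiVarContains -Name KEK -Pattern 'Microsoft Corporation KEK 2K CA 2023'
    UEFICA2023Status       = $servicing.UEFICA2023Status   # e.g. NotStarted / InProgress / Updated
    AvailableUpdates       = $servicing.AvailableUpdates   # bitmask set by the update policy
}

# "Up to date" here means: Secure Boot is on AND both db CAs AND the 2023 KEK are present.
$result.CertsUpToDate = ($secureBootOn -and
                         $result.Db_WindowsUefiCa2023 -eq $true -and
                         $result.Db_MicrosoftUefiCa2023 -eq $true -and
                         $result.Kek_2023 -eq $true)

New-Item -Path $OutDir -ItemType Directory -Force | Out-Null
$result | ConvertTo-Json -Depth 3 | Set-Content -Path $OutFile -Encoding UTF8

New-Item -Path $MirrorKey -Force | Out-Null
foreach ($k in $result.Keys) {
    $v = $result[$k]; if ($null -eq $v) { $v = 'Unknown' }
    Set-ItemProperty -Path $MirrorKey -Name $k -Value ([string]$v)
}

# Always exit 0: the platform-script "Success" column only tells you the script ran;
# the actual state lives in the JSON file and the mirror key.
exit 0
```

The split between `SecureBootEnabled` and `CertsUpToDate` is deliberate: a device can have Secure Boot on and still show "not up to date" in the report, because the report is about whether the 2023 certificates have landed in db/KEK, not about whether Secure Boot is enforced. A `$null` in any of the `Db_*`/`Kek_*` fields means the variable could not be read rather than "missing", so treat it as "unknown" and check the host bitness and elevation before reading anything into it.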