Endpoint Manager Newsletter – 27th May 2022

Welcome to this weeks newsletter with more exciting news from the excellent MEM community. There should easily be enough here to fill your Friday afternoon (we all follow read-only Friday I’m sure)

Starting this week we have a new script/application from Niels Scheffers. We all know shortcuts can be a pain to deploy, but Niels has taken that pain away with an excellent script to not only deploy shortcuts, but with the option of adding an icon!


If any of you haven’t used or explored device filters within Intune, go and have a read of this excellent explanation from Ola Ström, filters may well change your life!

https://www.olastrom.com/2022/filters-in-intune


For those of you with Lenovo devices (and keep an eye on the blog for Dell soon), Damien Van Robaeys uses a Proactive Remediation script (still my favourite Intune feature) to grab the BIOS details for Lenovo machines, compare to the latest available and output into Log Analytics to easily view the data, including graphs! There is also a script here to update them!!

https://www.systanddeploy.com/2022/05/intune-reporting-with-log-analytics.html


Whether deploying or supporting existing Intune environments, troubleshooting can be a tiring process with logs all over the place. Thankfully Mattias Melkersen Kalvåg has a selection of tools in one msi here to take a lot of that effort away. This latest version adds a way to monitor the Intune sync on the device

https://github.com/mmelkersen/EndpointManager/tree/main/Intune%20Debug%20Tools#what-is-the-intune-debug-tool


Whilst not stricly Intune, this excellent post from Katy Nicholson goes into detail around MFA including the new preview feature to enter a matching number for extra security.

https://katystech.blog/other/mfa


Another Log Analytics post, this one from Maurice Daly, again using Proactive Remediations, but this looks at application reliability and gives a nice overview of which apps are causing the most issues in your environment. Perfect for Proactive support rather than reactive, your users/customers/bosses will love this and will no doubt offer you massive payrises (sadly I can’t guarantee this)


Dujon Walsham has released part 4 of his excellent series around Application Management. I strongly advise reading the whole series.

https://windowsmanagementexperts.com/microsoft-endpoint-manager-enhancing-modern-application-management-part-4-application-approval-workflow-layout-structure/microsoft-endpoint-manager-enhancing-modern-application-management-part-4-application-approval-workflow-layout-structure.htm


Another 2 posts from Rudy Ooms again this week, the first is some proper detective work around how subscription activation works (amongst other things)

The second post looks at the difference between AAD Joined and AAD Registered, looking at MDM, MAM scopes and everything in between.


Two posts now from Microsoft themselves, first a look at the features in development, particularly the ability to look at the groups a device is a member of.

https://docs.microsoft.com/en-us/mem/intune/fundamentals/in-development#view-a-managed-devices-group-membership

Following on from the introduction to filtering mentioned earlier, Microsoft have a nice lesson on using logic within the filter rules.

https://techcommunity.microsoft.com/t5/intune-customer-success/back-to-school-using-boolean-algebra-correctly-in-complex/ba-p/3422765


For anyone implenting SSO with Windows Hello for Business, cloud trust is now in preview which should be a lot easier to configure (no more CA server with CRL). This post from Dave Wenger runs through end-to-end configuration of it.

https://blog.contoso-bern.ch/2022/05/24/new-sheriff-in-town-hello-for-business-hybrid-cloud-trust-preview/


This post from Moe Kinani uses Power Automate (something I’m getting to grips with myself) to send an email when a device is enrolled into Intune.

https://cloudbymoe.com/f/get-notified-with-detailed-email-when-devices-enrolled-into-mem


To finish the newsletter, we have two excellent Youtube videos from CloudManagement.Community.

The first one from Andy Jones runs through configuring Bitlocker silently on Windows 11 machines

And this one from Dean Ellerby is something everyone in IT should watch, it’s time to move to AAD join and ditch the domain!!


In the famous words of Porky Pig

Have a great weekend!!

Posted in Newsletter