Welcome to another exciting Endpoint Manager Newsletter with this weeks content from the community.
First up, we have a handy script from Niels Kok to create domain join policies within Intune. If you need to join your machines and are a fan of automation, this is definitely one to add to your repository!
Next up, detective Rudy Ooms has been looking into the issues many of us have been having with the Windows store of late and some methods to fix a few of the issues this can result in.
This week we have two posts from Anand P starting with this thorough guide on installing Azure AD connect.
https://www.cloudtekspace.com/post/step-by-step-installation-of-azure-ad-connect
For anyone interested in the Android Open Source Project (non-googled devices), this post runs through the method of enrolling them into Intune
https://www.cloudtekspace.com/post/enroll-android-aosp-devices-in-intune
With the impending demise of Desktop Analytics, this post from Jonas Bøgvad runs through the options available in it’s replacement, Endpoint Analytics
https://www.linkedin.com/pulse/identity-old-policies-hardware-issues-jonas-b%C3%B8gvad/
For anyone running Windows 10/11 Pro, you will have no doubt found that the policies to set a desktop background are only compatible on Enterprise. Fortunately Gannon Novak has a PowerShell/Win32 app to deploy a background image to your devices.
Filters are an unsung hero of Intune, they can be used to target apps, devices, pretty much anything. Sander Rozemuller has taken this one step further by automating the configuration of the filters. I will definitely be using this in my scripts!
I’m including Conditional Access as a part of Intune because this post from Sean McAvinue is too good to miss. Have you ever found yourself having to document Conditional Access policies only for the customer to then ask what it’s doing? Worry no more, this excellent script will report on both the policy and who is affected by it!
Autopatch is a new addition to Intune (currently in preview). If you want to test it out, Manish Bangia has put together an excellent guide for you to follow.
https://www.manishbangia.com/complete-guide-to-setup-and-configure-windows-autopatch/
I’m sure I’m not the only one here who deploys Conditional Access policies in Report Only mode initially. This post from Oktay Sari shows how to link these to Log Analytics to easier view the output.
https://allthingscloud.blog/conditional-access-policies-in-report-only-mode-now-what/
Now for two posts from Damien Van Robaeys, this first one uses a provided ProActive Remediations script to list BIOS versions across Dell machines and compare to the latest available. There is also a link on how to use this to then update the BIOS via Remediation.
https://www.systanddeploy.com/2022/06/intune-reporting-with-log-analytics.html
This second post shows how to use browser Developer Tools and the excellent Graph X-Ray browser extension to find out how to manipulate Intune using MS Graph.
https://www.systanddeploy.com/2021/03/ms-graph-and-intune-quick-way-to-find.html
This post from Shehan Perera gives an excellent overview of Policy Sets, the pros and cons and when to use them.
https://shehanperera.com/2022/04/28/mem-policy-sets-1/
Here we have a script from Florian Salzmann to quickly deploy a PowerPoint template via Intune. Better still, it can run when PowerPoint is open!
Not strictly Intune related, but if you manage servers, this post from Mattias Melkersen Kalvåg runs through enrolling devices into Microsoft Defender for Endpoint (something I find myself doing more often)
This article from Jitesh Kumar shows how to use App Monitor and Device Information to get details of Applications across the estate
Now for the Microsoft announcements of the week (and there are some big ones!)
First up, this viewer shows how to configure and deploy Universal Print
https://regale.cloud/Microsoft/viewer/1265/index.html#/0/0
This is a big one, Windows 11 Insider now has LAPS built in. If that wasn’t exciting enough, Intune support is in Preview, watch this space!
Another very exciting one, a temporary access pass to allow users to quickly onboard a device without credentials. New starters can be given a pass, set the machine up, login and receive their credentials securely via internal systems. No more reading out passwords over the phone or (shudder) printing them.
Finally (from Microsoft), an excellent guide with tips on making sure Windows Updates apply well.
To end on a video, this from Harvansh Singh runs through configuration and deployment of Windows Hello for Business
That’s it for this week, I’ll be back next week with plenty more exciting content from this amazing community.
