Endpoint Manager Newsletter – 12th August 2022

Welcome one and all, it may be holiday season, but the content from the Intune community never stops! Read on for this weeks exciting posts…

Community Content

We start this week with an excellent guide from Rahul Jindal covering implementing Azure PIM to manage the Azure Device Admins role with just-in-time access. I’m a massive fan of PIM and this is something I suggest to all customers!


Next up, Shehan Perera gives a run-down on how to use Device Control within Intune and Defender for Endpoint to manage those pesky USB and Bluetooth peripherals.


Shehan’s second post shows how to use Intune to control where F1 takes you into Edge, re-directing to an internal Knowedgebase may be a lot more useful than the standard Edge help


Jannik Reinhard has released an excellent new troubleshooting tool which gives in-depth details of the devices and the ability to sync, restart, ping or my favourite, trigger a remediation script against an individual device.


A second post this week from Jannik, this one showing you how to bring back the old Win10 Right-click menu on Windows 11


In this next post, Dean Ellerby has a look at Autopatch including a video on how to configure and enrol devices into this excellent new service.


We all know about the service health status within the Intune portal, but how many of us actually look at it daily? I know I only check if someone reports an issue. This post from Anoop Nair will show you how to enable email alerts so you can find out before the users start shouting.


Next up, we have another excellent technical look at the autopilot hash from Michael Niehaus. This one is looking at creating your own fabricated devices by manipulating the hash (I love the device details!)


If you’ve experienced the Autopilot 801c03ed error code, check out this post from Christopher Mogis with a fix.


If you deploy Android devices, you’ll probably use the Work Profile quite a lot. This post from Robin Hobo shows how to move system applications into the Work Profile on a device.

This post from Rudy Ooms looks at various methods to delay app installations during Autopilot

As you may or may not have heard, Apple have released Lockdown mode in Beta as an extra layer of security for high risk devices. Timmy Andersson looks at the implications this has if your devices are already MDM managed

If you are using Autopatch and letting Microsoft handle your patching, you’ll need to know how to look for any Microsoft issues. This post from Jitesh Kumar will show you how to do just that.


If you are just starting your Autopilot journey, this post from Gannon Novak gives an excellent run-through on enrolling devices

This one has been translated from Spanish to excuse the unusual URL. The post from Octavio Rodríguez looks at using Conditional Access policies with Microsoft Tunnel VPN


Next up, Damien Van Robaeys has part 4 of the getting started guide for Log Analytics. If this is your first exposure, I’d start with part 1


A second post from Damien, this one will show you how to get a message on Teams when an Autopilot build completes. Very useful if you’re on a large deployment project and need to track progress


If you’re using SCCM or MDT to deploy your base image, have a look at this post from Johan Arwidmark looking at the importance of drivers in your WinPE image

Self-deploying shared devices are an excellent feature of Intune and often overlooked. This post from Joost Gelijsteen will show you how to configure and deploy a shared device.

This post from Jonas Bøgvad looks at the ways we can protect Android devices from Malware using all of the tools available


A second post from Jonas this week looking at App Deployment options and what we know about the Store for Business changes


If you aren’t familiar with the Intune CD tool, read this post from Aaron Parker on how to configure and deploy it to automate your Intune documentation and monitoring for changes


Now onto this weeks video content and we will start with Dean Ellerby’s first look at Microsoft Entra and finding out what it is and what it does

If you haven’t looked at the new Cloud Trust model for on-prem SSO with WHfB, have a look at this video from Pim Jacobs, Ronny de Jong and Prakhar Srivastava

This video from Manish Bangia demonstrates how to deploy an SCCM lab into Azure

We also have part two of Mattias Melkersen Kalvåg’s excellent series on packaging with PowerShell Application Deployment Toolkit (PSADT)

The last of the community content for this week comes from Harjit Dhaliwal and Anoop Nair showing how to navigate the Intune support portal and log tickets

Microsoft Content

Now for the news and announcements from Microsoft

If you are co-managed or migrating from SCCM to Intune, this will look at migrating encryption


Defender for Cloud Apps is now included in the Defender Portal for better management and easier to view data


How to leverage Azure Bastion to connect to your home network


Another new preview, this one covers Device Health within the Defender for Endpoint dashboard


WIP is going end-of-support, more information about it and suggestions on what to use instead



This post looks at using CA to restrict web access to corporate data


With Desktop Analytics end of life, follow this guide to close your account


A new PowerShell Commandlet “get-whatsnew” to save you digging around in help pages and online documentation


That’s it for this week, have an excellent summer weekend!

Leave a Comment