Intune Newsletter – 14th October 2022 – Ignite Special

Welcome to this weeks Ignite Special Endpoint Manager Intune newsletter. This week we have plenty of content, both Ignite and non-Ignite related. I have split the newsletter this week to make it easier to find the Ignite specific news

If you want to check out the sessions I attended, you can follow the link below. At the bottom of the page I have included direct links to the sessions I found most useful for Intune (plus ask the experts, but they aren’t online yet)

https://ignite.microsoft.com/attendees/08e093b7-d5df-4a3b-9bb6-05cc76f2a868

Contents

Community Content – Non Ignite
Community Content – Ignite
Microsoft Content – Non Ignite
Microsoft Content – Ignite
Microsoft Ignite Video Links

Community Content – Non Ignite

We start this week with a post from Jannik Reinhard lifting the lid on what actually happens behind the scenes when using Delivery Optimisation as well as looking at the pre-requisites and configuration.

https://jannikreinhard.com/2022/10/09/deep-dive-into-delivery-optimization/


This post from Liviu Barbat digs through the IME logs to look at the pesky retry interval on Win32 applications, well worth a read if you want to find out exactly what’s happening when you deploy applications.

https://patchtuesday.com/win32app-retry-interval/


If you need to set DNS Suffixes on your Intune managed devices, follow this guide from Alex Durrant


These days users are becoming tired of MFA prompts and clicking approve regardless of whether they are actually expecting it. Have a look at this post from Jonas Bøgvad on some options around this issue.

https://blog.skymadesimple.io/mfa-fatigue/


Ondrej Sebela has updated the IntuneStuff PowerShell module to include new functions to list all policies as well as everything a selected AzureAD group is assigned to.

https://doitpsway.com/get-all-intune-policies-using-powershell-and-graph-api

Link to the module:

https://www.powershellgallery.com/packages/IntuneStuff/1.2.7


Enrollment notifications are a new feature in Intune, follow this guide from Christopher Mogis to find out how to configure and enable them.

https://www.ccmtune.fr/2022/10/how-to-configure-enrollment.html

A second post this week as well showing how to get a W365 machine for development and testing

https://www.ccmtune.fr/2022/10/how-to-create-windows-365-demo-tenant.html


If you are worried about Adversay-in-the-middle attacks on your estate, have a look at these instructions from Moe Kinani to protect yourself using conditional access.

https://cloudbymoe.com/f/aitm-phishing-attack-and-the-steal-cookie-nightmare


Mikael Karlsson has released a new version of the excellent Intune Management tools. If you haven’t used them before, I highly recommend checking them out!

https://github.com/Micke-K/IntuneManagement/blob/master/ReleaseNotes.md


Another look at Enrollment Notifications, this time from Arno van Dijk

https://www.linkedin.com/pulse/notify-your-users-after-enrollment-arno-van-dijk?lipi=urn%3Ali%3Apage%3Ad_flagship3_profile_view_base_recent_activity_details_all%3BZY%2BIDK7yTIuMKOVpXqnTKw%3D%3D


If you worry about machines being left unlocked and at risk, dynamic lock is an excellent solution as it locks and unlocks automatically based on a bluetooth connected device. To force your users to enable and use dynamic lock, have a look at this Custom Compliance policy from Joey Verlinden

https://www.joeyverlinden.com/require-dynamic-lock-with-custom-compliance-policy/


For those looking at Windows 365 machines, licensing can be difficult to understand. This post from Ola Ström looks at the different licenses available.

https://www.olastrom.com/2022/cloud-pc-licensing-and-where-to-start


Bitlocker is an amazing feature, but when it goes wrong, it can be a nightmare to resolve with many moving parts to consider. This script from Gannon Novak resolves an issue where Hybrid AD Joined machines aren’t uploading recovery keys.


When grabbing device information via PowerShell, you can use WMI or CIM, but which should you use? Read this post from Mike Kanakos

https://www.commandline.ninja/get-ciminstance-vs-get-wmiobject/


An exciting new feature in Outlook (especially if you don’t have something like CodeTwo in place). Outlook signatures are now sychronised to the cloud, no more complaints when devices are rebuilt! It is even cross-platform. Find out more in this post from Florian Salzmann

https://scloud.work/en/synchronize-outlook-signatures/


Three posts now from Aresh Sarkari, the first one looks at using PowerShell to create a provisioning policy for a Windows 365 machine

The second post uses PowerShell to assign an Azure AD group to the policy created earlier

The third post looks at using PowerShell to unassign or delete Windows 365 Provisioning Policies


Another thorough deep-dive from Rudy Ooms, this time delving into the murky waters of the Intune Device Certificate, how it works, how it renews and what happens if it lapses.


Microsoft Docs (or now Microsoft Learn) are constantly being updated and it can be difficult to keep track. This post from Jan Bakker shows how to use a logic app to alert when the Github Repos powering the docs are updated.


Sometimes you have required apps which need to be installed quickly, but post ESP, especially when looking at the likes of a Bitlocker PIN. Follow this guide from Oliver Kieselbach on how to do so using a Requirements script

https://oliverkieselbach.com/2022/10/14/post-esp-intune-win32-apps-installations/


To learn everything build related, numbers, how to find them, servicing dates etc. have a read of this post from Prajwal Desai

A second post from Prajwal demonstrating how to enable Dark Mode in the Intune Portal


Part 3 of the excellent series on OSD Cloud from Ákos Bakos has been released. This looks at Zero Touch Deployment as well as using GitHub to run scripts during imaging.


For all things BYOD, have a look at this comprehensive guide from Somesh Pathak looking at Zero Trust, Conditional Access and Application Protection amongst other things.

https://intuneirl.com/2022/10/bring-your-own-device-plan-configure-and-enrol-your-personal-devices-securely/


For a look at Conditional Access authentication strength, have a look at this post from Fabian Bader

https://cloudbrothers.info/en/conditional-access-authentication-strength/


Now onto this weeks video content, starting with this from Dean Ellerby showing how to configure your own Intune lab using Hyper-V in only 20 minutes!


This video/AMA from Johan Arwidmark and Andrew Johnson looking at a variety of excellent community tools for managing Intune devices and the environment as a whole

https://www.youtube.com/watch?v=mL0YZPw8a8U


The latest Intune Training video is here featuring Matt Call, Adam Gross, Steven Hosking, Ben Reader and Mike Danoski looking at all things endpoint security

Community Content – Ignite

Dean Ellerby has been at Ignite Seattle and has an article on what it has been like in person

https://www.linkedin.com/pulse/ignite-seattle-day-1-dean-ellerby?lipi=urn%3Ali%3Apage%3Ad_flagship3_profile_view_base_recent_activity_details_all%3BNKhgWs5UQZSQ8uk5mVfjPg%3D%3D

Plus day two

https://www.linkedin.com/pulse/ignite-seattle-day-2-wrap-up-dean-ellerby?lipi=urn%3Ali%3Apage%3Ad_flagship3_profile_view_base_recent_activity_details_all%3BFnneUkSCTZK5e1i2QOH8qQ%3D%3D


Dominiek Verham has been quick off the mark with a look at the Windows 365 app including some very useful screenshots


Ola Ström was also lucky enough to attend in person and has shared a post on the key announcements:

Microsoft Content – Non-Ignite

These are pre-Ignite announcements:

A look at application compatibility and test base for Windows 11

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/microsoft-extends-application-compatibility-promise-to-windows/ba-p/2810546

Windows 11 22H2 Update Fundamentals

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/faster-smaller-windows-11-version-22h2-update-fundamentals/ba-p/3631894?WT.mc_id=EM-MVP-5003580

I would strongly recommend signing up for Microsoft Technical Take-Off for everything Intune

https://techcommunity.microsoft.com/t5/endpoint-management-blog/skill-up-at-the-microsoft-technical-takeoff-oct-24-27/ba-p/3653121

Microsoft Content – Ignite

Book of news:

https://news.microsoft.com/ignite-2022-book-of-news/


New Intune product family and branding

https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/introducing-the-microsoft-intune-product-family/ba-p/3650769


New Intune advanced plan including remote help, priv management and app deployment

https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/reduce-your-overall-tco-with-a-new-microsoft-intune-plan/ba-p/3650725


Service-Now Integration

https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/servicenow-integration-with-intune-adds-value-to-remote-help/ba-p/3650695


Windows Hello for Business Cloud Trust now in GA

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-hello-for-business-hybrid-cloud-kerberos-trust-is-now/ba-p/3651049


Support to deliver custom notifications direct to Windows 11 machines

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/deliver-organizational-messages-with-windows-11-and-microsoft/ba-p/3651011


Autopatch Updates

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-in-windows-autopatch-microsoft-ignite-2022-edition/ba-p/3651027


Expediting Updates

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/expediting-updates-in-the-real-world/ba-p/3650976


Windows Update for Business Reports

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-windows-update-for-business-reports/ba-p/3650956


Windows 365 System Based Alerts

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/public-preview-of-windows-365-system-based-alerts-in-microsoft/ba-p/3650929


Windows 365 Connectivity History Checks

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/connectivity-health-checks-and-history-reports-for-windows-365/ba-p/3650864


Windows 365 App Public Preview

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/experience-the-windows-365-app-public-preview-available-now/ba-p/3650835


Windows Push Notifications

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/it-just-got-easier-to-use-windows-push-notification-services/ba-p/3650563


What’s new in Windows 365

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-in-windows-365-microsoft-ignite-2022-edition/ba-p/3645364


Edge updates including the new workspaces

https://blogs.windows.com/msedgedev/2022/10/12/ignite-2022-innovations-updates-microsoft-edge/


New Microsoft Teams announcements (not strictly Intune, but I’m sure we all use it daily)

https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-microsoft-ignite-2022/ba-p/3614158


What’s new for Microsoft 365 Admins

https://techcommunity.microsoft.com/t5/microsoft-365-blog/what-s-new-for-microsoft-365-admins-at-microsoft-ignite-2022/ba-p/3627662


New AAD Integrations

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/new-azure-active-directory-integrations-that-strengthen-your/ba-p/2810634


Updates to Outlook for Android and iOS

https://techcommunity.microsoft.com/t5/outlook-blog/navigating-outlook-for-android-and-ios/ba-p/3651696


Android Front Line Worker updates


MacOS Software Updates


Windows LAPS for AAD Devices

https://learn.microsoft.com/en-us/windows-server/identity/laps/laps-overview


Android Management Solutions


A video with Steve Dispensa looking at some of the Intune announcements

Videos I’d recommend watching

Protect everything, everyone, everywhere with comprehensive security

https://ignite.microsoft.com/en-US/sessions/17bbd01d-4e26-4e2e-9eec-3a060b477eda?source=/schedule


Re-energize your workforce in the office, at home, and everywhere in between

https://ignite.microsoft.com/en-US/sessions/9090c839-cf8f-4462-9650-72a3ace65d44?source=/schedule


Windows: Building what matters most for your business

https://ignite.microsoft.com/en-US/sessions/76c947d1-f82f-432c-a426-223721ef72d7?source=/schedule


Secure your workforce with Windows + Intune

https://ignite.microsoft.com/en-US/sessions/2c334d3c-0886-4b98-8f02-ee0c8e4691d3?source=/schedule


Strengthen security and cut costs with an endpoint management you can count on

https://ignite.microsoft.com/en-US/sessions/b31d97b4-90c0-428f-80c5-e76402f02ce1?source=/schedule


Empower frontline workers with Microsoft Endpoint Manager

https://ignite.microsoft.com/en-US/sessions/ea11e64f-34ad-4efc-95d5-bf370b97be51?source=sessions


Security best practices for managing across platforms with Endpoint Manager

https://ignite.microsoft.com/en-US/sessions/1c90dbc9-1716-4d6f-995c-b7665719325a?source=sessions


Unify Apple device management into Endpoint Manager

https://ignite.microsoft.com/en-US/sessions/e2e4e73a-cb67-4adb-b921-1aec9ebbad52?source=sessions


Microsoft makes endpoint management and protection easy – when it’s consolidated across platforms in the cloud

https://ignite.microsoft.com/en-US/sessions/eb6f3981-d879-471b-828d-a79e98702ec4?source=sessions


Ask the Experts Sessions

https://ignite.microsoft.com/en-US/sessions/31780fe3-0ce9-4c69-a1a4-20dcaeb3a9d0?source=/schedule

https://ignite.microsoft.com/en-US/sessions/7a941fba-db13-4691-aa70-c5adcc41dbbc?source=sessions

https://ignite.microsoft.com/en-US/sessions/a120211d-8dcb-4394-95fb-c8e73259223f?source=sessions


And that’s everything I think, it’s a long read, but hopefully worth it!

Thanks to everyone in the Intune community and a massive thanks to everyone from Microsoft, it’s been a long few days (especially with the time differences), but totally worth it!

Posted in Newsletter