Intune Newsletter – 14th October 2022 – Ignite Special

Welcome to this weeks Ignite Special Endpoint Manager Intune newsletter. This week we have plenty of content, both Ignite and non-Ignite related. I have split the newsletter this week to make it easier to find the Ignite specific news

If you want to check out the sessions I attended, you can follow the link below. At the bottom of the page I have included direct links to the sessions I found most useful for Intune (plus ask the experts, but they aren’t online yet)


Community Content – Non Ignite
Community Content – Ignite
Microsoft Content – Non Ignite
Microsoft Content – Ignite
Microsoft Ignite Video Links

Community Content – Non Ignite

We start this week with a post from Jannik Reinhard lifting the lid on what actually happens behind the scenes when using Delivery Optimisation as well as looking at the pre-requisites and configuration.

This post from Liviu Barbat digs through the IME logs to look at the pesky retry interval on Win32 applications, well worth a read if you want to find out exactly what’s happening when you deploy applications.

If you need to set DNS Suffixes on your Intune managed devices, follow this guide from Alex Durrant

These days users are becoming tired of MFA prompts and clicking approve regardless of whether they are actually expecting it. Have a look at this post from Jonas Bøgvad on some options around this issue.

Ondrej Sebela has updated the IntuneStuff PowerShell module to include new functions to list all policies as well as everything a selected AzureAD group is assigned to.

Link to the module:

Enrollment notifications are a new feature in Intune, follow this guide from Christopher Mogis to find out how to configure and enable them.

A second post this week as well showing how to get a W365 machine for development and testing

If you are worried about Adversay-in-the-middle attacks on your estate, have a look at these instructions from Moe Kinani to protect yourself using conditional access.

Mikael Karlsson has released a new version of the excellent Intune Management tools. If you haven’t used them before, I highly recommend checking them out!

Another look at Enrollment Notifications, this time from Arno van Dijk

If you worry about machines being left unlocked and at risk, dynamic lock is an excellent solution as it locks and unlocks automatically based on a bluetooth connected device. To force your users to enable and use dynamic lock, have a look at this Custom Compliance policy from Joey Verlinden

For those looking at Windows 365 machines, licensing can be difficult to understand. This post from Ola Ström looks at the different licenses available.

Bitlocker is an amazing feature, but when it goes wrong, it can be a nightmare to resolve with many moving parts to consider. This script from Gannon Novak resolves an issue where Hybrid AD Joined machines aren’t uploading recovery keys.

When grabbing device information via PowerShell, you can use WMI or CIM, but which should you use? Read this post from Mike Kanakos

An exciting new feature in Outlook (especially if you don’t have something like CodeTwo in place). Outlook signatures are now sychronised to the cloud, no more complaints when devices are rebuilt! It is even cross-platform. Find out more in this post from Florian Salzmann

Three posts now from Aresh Sarkari, the first one looks at using PowerShell to create a provisioning policy for a Windows 365 machine

The second post uses PowerShell to assign an Azure AD group to the policy created earlier

The third post looks at using PowerShell to unassign or delete Windows 365 Provisioning Policies

Another thorough deep-dive from Rudy Ooms, this time delving into the murky waters of the Intune Device Certificate, how it works, how it renews and what happens if it lapses.

Microsoft Docs (or now Microsoft Learn) are constantly being updated and it can be difficult to keep track. This post from Jan Bakker shows how to use a logic app to alert when the Github Repos powering the docs are updated.

Sometimes you have required apps which need to be installed quickly, but post ESP, especially when looking at the likes of a Bitlocker PIN. Follow this guide from Oliver Kieselbach on how to do so using a Requirements script

To learn everything build related, numbers, how to find them, servicing dates etc. have a read of this post from Prajwal Desai

A second post from Prajwal demonstrating how to enable Dark Mode in the Intune Portal

Part 3 of the excellent series on OSD Cloud from Ákos Bakos has been released. This looks at Zero Touch Deployment as well as using GitHub to run scripts during imaging.

For all things BYOD, have a look at this comprehensive guide from Somesh Pathak looking at Zero Trust, Conditional Access and Application Protection amongst other things.

For a look at Conditional Access authentication strength, have a look at this post from Fabian Bader

Now onto this weeks video content, starting with this from Dean Ellerby showing how to configure your own Intune lab using Hyper-V in only 20 minutes!

This video/AMA from Johan Arwidmark and Andrew Johnson looking at a variety of excellent community tools for managing Intune devices and the environment as a whole

The latest Intune Training video is here featuring Matt Call, Adam Gross, Steven Hosking, Ben Reader and Mike Danoski looking at all things endpoint security

Community Content – Ignite

Dean Ellerby has been at Ignite Seattle and has an article on what it has been like in person

Plus day two

Dominiek Verham has been quick off the mark with a look at the Windows 365 app including some very useful screenshots

Ola Ström was also lucky enough to attend in person and has shared a post on the key announcements:

Microsoft Content – Non-Ignite

These are pre-Ignite announcements:

A look at application compatibility and test base for Windows 11

Windows 11 22H2 Update Fundamentals

I would strongly recommend signing up for Microsoft Technical Take-Off for everything Intune

Microsoft Content – Ignite

Book of news:

New Intune product family and branding

New Intune advanced plan including remote help, priv management and app deployment

Service-Now Integration

Windows Hello for Business Cloud Trust now in GA

Support to deliver custom notifications direct to Windows 11 machines

Autopatch Updates

Expediting Updates

Windows Update for Business Reports

Windows 365 System Based Alerts

Windows 365 Connectivity History Checks

Windows 365 App Public Preview

Windows Push Notifications

What’s new in Windows 365

Edge updates including the new workspaces

New Microsoft Teams announcements (not strictly Intune, but I’m sure we all use it daily)

What’s new for Microsoft 365 Admins

New AAD Integrations

Updates to Outlook for Android and iOS

Android Front Line Worker updates

MacOS Software Updates

Windows LAPS for AAD Devices

Android Management Solutions

A video with Steve Dispensa looking at some of the Intune announcements

Videos I’d recommend watching

Protect everything, everyone, everywhere with comprehensive security

Re-energize your workforce in the office, at home, and everywhere in between

Windows: Building what matters most for your business

Secure your workforce with Windows + Intune

Strengthen security and cut costs with an endpoint management you can count on

Empower frontline workers with Microsoft Endpoint Manager

Security best practices for managing across platforms with Endpoint Manager

Unify Apple device management into Endpoint Manager

Microsoft makes endpoint management and protection easy – when it’s consolidated across platforms in the cloud

Ask the Experts Sessions

And that’s everything I think, it’s a long read, but hopefully worth it!

Thanks to everyone in the Intune community and a massive thanks to everyone from Microsoft, it’s been a long few days (especially with the time differences), but totally worth it!

Leave a Comment