Welcome to this weeks exciting newsletter and whether you are a glass half empty or half full type of person, we can all agree, this is definitely full of content!
I’m testing something new this week, if you want to like or share one of the articles on LinkedIn, I’m including a link directly to the post as well as the direct blog post link. Feedback/improvements always welcome.
I’m a huge fan of PowerShell Application Deploy Toolkit and this news is worthy of a feature at the top here. Version 3.9 has now been released with some excellent updates.
Unless you are in the position where you are the only person with admin rights over Intune, you’ll probably want to see if anyone else is messing with your environment. This post from Niklas Tinner uses Intune reporting, Log Analytics and alert rules (or logic apps) to alert you of changes. (LinkedIn)
As mentioned in the MS news last week, AAD Connect Cloud Sync is scheduled to replace Azure AD Connect. To find out more about it, what it does, what it can’t do and how to upgrade, have a look at this thorough post from Shehan Perera (LinkedIn)
Following on from last weeks PowerShell script to display the top 50 machines experiencing BSOD, Damien Van Robaeys has taken it one step further and can now send Teams notifications with the devices listed (LinkedIn)
I deploy some of my scripts to the PowerShell Gallery if they are re-usable and don’t need huge amounts of input or amendments, but it can be tricky to get them uploaded. If you want to add yours on there, follow this guide from Nicholas Xuan Nguyen (LinkedIn)
I have seen Winget become a lot more popular of late for deploying apps, but it is also useful for keeping them updated. If you want a bit more management over the updates, including adding app exclusions (something I’ve been after for a while), check out this app and ADMX instructions from Hauke Götze (LinkedIn)
macOS support in Intune keeps improving, especially on the app deployment front. What if you need to deploy a custom application though? Have a look at this post from Liviu Barbat to find out how to get those LOB apps deployed. (LinkedIn)
Whilst Autopilot doesn’t work on Windows Home, that doesn’t stop users enrolling their machines into Intune. Fortunately Daniel Bradley has a very thorough post on using device filters to block these devices. (LinkedIn)
With AAD and MSOL modules soon to be deprecated, if you haven’t moved to PowerShell SDK yet, now is the time to do so. Daniel’s second post runs through how to install it (LinkedIn)
If you’ve ever looked at custom toast notifications and wondered what wizardry is going on there, have a look at this comprehensive post from Gannon Novak and you’ll be creating notifications before you know it. (LinkedIn)
Nico Wyss has put together an excellent script to change the hostfile on Intune managed machines when using AlwaysOn VPN (LinkedIn)
Following on from last weeks deep-dive into the world of Autopilot, Rudy Ooms has continued the series with a look at the DeviceAddRequest command running in the background (LinkedIn)
Next, Somesh Pathak looks at some important queries to run within Defender for Endpoint to make sure your estate is secure from the offset, including devices not onboarded and devices with local admin (LinkedIn)
I’m a big fan of Winget, but the current non-preview version lacks PowerShell commandlets. If you want to update your apps using PowerShell, have a look at this script from Harm Veenstra (LinkedIn)
Next, José Pinos looks at 5 conditional access policies everyone should implement, including a handy spreadsheet with the policy details in (LinkedIn)
If you are switching to the new Store App deployment, this guide from Prajwal Desai is well worth reading. (LinkedIn)
A second post from Prajwal showing how to configure multi-admin approvals (LinkedIn)
Did you know Power Automate can connect to graph and send JSON? Moe Kinani is demonstrating it in this post to automate guest creation and add an extra attribute field! (LinkedIn)