Welcome to this weeks exciting Intune news and content and it’s a long read this week. Grab a drink, get comfy and enjoy!
Community Content
We start this week with a look at the new troubleshooting tools in preview (release 2301) in this post from Nico Wyss
https://cloudfil.ch/how-to-troubleshoot-intune-issues-preview/
Aaron Parker has added an API for the excellent Evergreen tool should you find yourself in a situation where you can’t install PowerShell modules
https://stealthpuppy.com/evergreen/invoke/
MSIX App-Attach is a superb feature with AVD to move the applications away from the base OS and allow independant updates of each (amongst other things). This incredibly comprehensive post from Octavio Rodríguez will walk you through it from start to finish (excuse the dodgy looking link, I’ve translated it to save you the time)
A second post from Octavio this week, this one looking at the new Watermark feature in AVD
The latest version of Niall Brady‘s excellent Windows 365 guide is now available, this time looking at Point-in-Time restores
If you had in-house apps published to the old store and can’t find a way to add them with the new Store Integration, check out this post from Hauke Götze
Jannik Reinhard has put together a useful script to quickly display device information including group membership, policy and app assignments
https://jannikreinhard.com/2023/01/29/get-assignments-of-an-device-via-powershell/
Compliance policies are great (and essential), but what happens if machines somehow slip through without one assigned? Fortunately a new report in 2301 will show these devices as looked at here by Jitesh Kumar
https://www.anoopcnair.com/intune-report-devices-without-compliance-policy/
Following on from last weeks post, Dominiek Verham looks at how to deploy a Windows 11 Kiosk machine, but allowing the use of the Windows 365 application
https://techlab.blog/windows-11-kiosk-with-the-windows-365-app/
Next, Jonas Bøgvad looks at the benefits of passwordless authentication and why you should be looking at implementing it (if you haven’t already done so)
https://blog.skymadesimple.io/passwordless-benefits/
Company Portal is a key application for Intune managed machines, especially for self-service applications. This post from Prajwal Desai runs through the deployment via the new store integration
This post from Liviu Barbat looks at how to deploy your own custom Line of Business apps to macOS devices using Intune
Font installations are still much harder than I would like and I usually end up creating a custom MSI to deploy them. This post/script from u/CloudInfra_net should make things easier
https://cloudinfra.net/how-to-deploy-fonts-using-intune/
Pavel Mirochnitchenko has put together scripts to automate your Intune background and lockscreen branding in this post, if you haven’t looked at the previous two posts on windows branding, they are well worth checking as well
https://www.linkedin.com/pulse/intune-advanced-automation-part-3-windows-branding-mirochnitchenko/
In the quest to ditch the domain join for all end-user devices, with FSLogix now supporting AAD authentication, AVD is also now an option (especially with Intune integration). This thorough guide from Gannon Novak will walk you through the process
If, like me, you prefer working directly in Graph, this post from Daniel Bradley shows you how to assign licenses to users
After the exam changes announced (MD-100/102 to MD-102 and MS100/101 to MS-102), Daniel’s second post is a study guide for the MS-102
Privacy controls for Office apps are cross-platform. To find out about how they work and how to assign them, have a look at this post from Peter van der Woude
This new script from Thomas Marcussen will quickly add users to an an AzureAD group for Windows 365 users
Licensing can be a bit of a minefield, but once you have your licenses in place, make sure you are getting the best value you can from them. This excellent post from Lewis Barry shows what you get in a Business Premium license
Azure AD Tenants, subscriptions, cloud trust, it can all get confusing for someone new to the cloud. This thorough post from Eric Woodruff should help you understand it all
Rudy Ooms has cracked open the troubleshooting toolkit again, this time looking at what happens when you click the Check Access button in Company Portal (or as I’m sure many of us do, hammer the button repeatedly)
When using Defender for Endpoint, you may have noticed any tags in Intune don’t match up to tags in the Defender portal. This post from Florian Salzmann will show you how to use your group (or scope) tags in MDE
https://scloud.work/en/defender-scope-tag-via-intune/
Damien Van Robaeys has been exploring hidden Lenovo sites again, this time here is an excellent site to look at the BIOS of Lenovo machines in a web browser, useful for documentation, troubleshooting (or talking through that user on the phone)
https://www.systanddeploy.com/2023/02/easily-taking-screenshots-of-bios.html?m=0
Sorting local admin on your AAD devices gives you many options (more when Windows LAPS launches), Simon Skotheimsvik reviews the options in this post
Nick Benton has put together a custom compliance script based on the iOS version on devices in this post
https://memv.ennbee.uk/posts/apple-os-update-compliance/
Benoit Hamet has also looked at the watermark functionality in AVD
This post from Anand P shows how to use Conditional Access to block users from accessing email via native clients on un-managed devices
https://www.cloudtekspace.com/amp/block-exchange-online-email-on-unmanaged-devices
A nice packaging guide for executables here from CloudInfra
https://cloudinfra.net/how-to-deploy-exe-applications-using-intune/
This post from Niklas Tinner looks at Group Tags and the Autopilot information stored about a device
https://niklastinner.medium.com/the-discussion-about-group-tags-3407f8ce2a85
Next, Aresh Sarkari demonstrates how to configure Conditional Access policies for your AVD machines
Should you find yourself needing to bulk rename devices in Intune, check out this script from Ugur Koc
Another useful script, this one from Sander Rozemuller to bulk delete devices from AAD and Intune from a CSV
https://www.rozemuller.com/delete-aad-intune-devices-based-on-csv-and-graph-api/
Video Content
Now for the video content from this week, starting with a look at what’s new in Intune releases 2211 and 2212 with Mattias Melkersen Kalvåg and Nickolaj Andersen, an excellent starting point for looking at the new features available
Dean Ellerby has started a new YouTube channel (I’d recommend hitting subscribe) and the first video demonstrates how to deploy Zoom via Intune
If you want to move into the crazy world of Intune management, Chander Mani Pandey has put together some interview tips and tricks.
Chander’s second video looks at using Company Portal to manually enrol a device into Intune
The first of a new MS EMS Community podcast is now live featuring Jonas Bøgvad, Somesth Pathak, Eric Woodruff, Lewis Barry, James Robinson and someone else.
To find out more about winget and the new app store integration, this video featuring Mandar Chen, Roy MacLachlan, Danny Guillory Jr and Steve Thomas is well worth a watch.
The latest MVPBuzzchat with Christian Buckley and this episodes guest is our very own Manish Bangia
The latest ViaMonstra Academy video looking at all things Intune and ConfigMgr is now live featuring Johan Arwidmark, Andrew Johnson and guest Dean Ellerby
https://www.linkedin.com/video/event/urn:li:ugcPost:7026669473403195392/?isInternal=true
Some new content from Craig Camacho aka TheDeploymentGuy, this one looking at creating AAD groups based on the group tag, I’d suggest looking at the other videos and even hitting the subscribe button
Microsoft Content
Lots of Microsoft content this week as well, starting with a look at all of the exciting new features in Intune 2301
This article and video from Zachary Cavanell and Matt McSpirit demonstrates how to quickly setup and AVD environment
Ramya Chitrakar looks at all of the exciting new features in 2301
One new feature worth looking at is the Intune Troubleshooting experience, you can find out more in this post from Jon Lynn
If you are reading this, I imagine you’re working regularly with Intune. If so, join the Windows and Endpoint Manager Customer Connection Program, read more from Megan Hochstatter
Whether for exams, knowledge or documentation, MS Learn is a key resource. Gita Sharma shares some tips on getting the most out of it.
The Unpacking Endpoint Management series is a must-watch! This post from Rachelle Blanchard lists upcoming videos and links to on-demand content
AVD watermarking is now in public preview to further protect your corporate content on non-corporate devices, find out more in this post from Serena Zheng
A gentle reminder that Update Compliance is soon to be EOL and you should be transitioning to Update for Business Reports. Find out more in this post from Akash Malhotra
And finally a look at the exciting new features in Windows 365 including hardware acceleration and support for Windows 10 in the Windows 365 app!
https://learn.microsoft.com/en-us/windows-365/enterprise/whats-new
That’s it for this week, have an incredible weekend, the newsletter will be back same time next week!
Thanks, for your newsletter 🙂