Welcome to another exciting newsletter, this week Microsoft released Unpacking Endpoint Management video series so there is a whole section dedicated to that!
We start this week with the next part of Doug Petrole‘s monitoring month, this time looking at monitoring GPU metrics on your cloud machines
Nico Wyss has put together a useful script and post covering how to deploy apps without an obvious installer
Custom Compliance scripts were a welcome addition to Intune, especially for those of us who prefer PowerShell and they give you so many more options. To find out more and look at an example script, have a look at this post from Jannik Reinhard
If you’re looking at managing your macOS fleet using Intune, this comprehensive post from Tom Machado demonstrates how to enrol them via Apple Business Manager
Filters are a very useful tool to speed up assignment and deployment without relying on dynamic groups. A new addition now allows you to see where you have filters assigned rather than having to go digging through your policies. To find out how, read this from Shehan Perera
Now for three posts from Robin Hobo, the first looking at what you can do with autopilot pre-provisioning
Robin’s second post shows how to use local group membership to give users admin rights to invididual machines rather than using the AAD role which applies across all devices
The third post from Robin runs through deploying Autopatch into Intune
We all know PS scripts execute during ESP, but what about Proactive Remediations? Rudy Ooms has done some investigating, read on to find out the answer!
Your Azure AD environment is critical to the security of your environment, no point in having a complex alarm system if you leave your front door wide open! To find out how to review and mitigate your AAD threats, read this comprehensive post from Harri Jaakkonen
Have you ever wondered the difference between a personal and corporate device? What better way to learn than from the expert Scott Duffey in this post
This post from Jitesh Kumar looks at all of the new features in the 2302 release (including the renaming!)
A second post from Jitesh, looking at the new Intune Suite, what it costs and what you get
Another new addition to Intune allows you to select the update ring for Defender for endpoint. Benoit Hamet has covered how in this post.
If you aren’t familiar with M365DSC, Will Francillette has released part 1 of a new series covering it’s full usage, this post is your introduction and overview.
For those of you using whiteglove/pre-provisioning, wouldn’t it be nice if those devices sitting ready on the shelf were already encrypted? Whilst not officially supported, Niall Brady has a way of doing just that in these articles
Niall and Paul Winstanley have also released part 7 of the Windows 365 getting started guide, this one looking at using Autopatch to keep them updated
Some users may have a requirement for OneDrive to be fully available offline, those who travel extensively for example. To configure it in your estate, use this excellent Proactive Remediation from Florian Salzmann
I’m a big fan of FIDO2 security keys, but because I’m lazy, often just use Hello for Business face recognition. To make FIDO2 the default option for Windows, have a look at this post from Peter Klapwijk
To further secure your machines, Microsoft Defender Application Guard for Office can protect you from malicious office files. This post from Peter van der Woude runs through the steps involved
Struggling to convince yours execs and users to ditch Chrome? This post from Lewis Barry may help you push them towards and Edge only estate
Some very useful PowerShell commands here from Torbjorn (Mr T-Bone) Granheden to update your OS, apps and more
Did you know you can assign ASR rules to your servers in Intune, even when they aren’t enrolled? If not, read this post from Mattias Melkersen Kalvåg and start cloud managing your server estate!
This post from Niklas Tinner looks at the different ways to manage your Autopilot identities
Next, Andy Jones looks at how to manually add a macOS device to Apple Business Manager
If you have field users who need to be able to change their IP address, but without giving them admin rights, check this script from Simon Skotheimsvik
For those of you using Remote Help, this post from Prajwal Desai shows you how to disable the chat functionality
This post from René Laas shows the graph commands (and some useful app IDs) to deploy the new store apps without using the GUI
This post from Niklas Tinner looks at the actions an end-user can take on their own device
For anyone managing HP devices, have a read of this post from Gary Blok showing how to configure BIOS WiFi to use Sure Recover
As mentioned in the Microsoft content below, Windows 11 will soon be receiving new features outside of the feature update releases. If you want to turn this off, follow this guide from Michael Niehaus
This post from Jeffrey Appel shows how to use SmartScreen to further protect your devices
We start this weeks video content with a look at the Intune Management Extension from Chander Mani Pandey
Next up, Dean Ellerby demonstrates how to deploy the Zoom application MSI the proper way, via Win32
Andrew Jones has released part two of the series for managing your Apple devices, this one looking at connecting Apple Business Manager and Intune
Andy has also released episode 3 looking at enrolling apple devices manually into Apple Business Manager
Now for three videos from Anoop Nair, the first two running through how to use Intune filters, how they work, their limitations and more
Anoop’s third video shows how to deploy Windows Update for Business Reports and then use them.
This demo from Craig Camacho shows how to deploy a custom start menu on Windows 10 and 11
Now for the Microsoft content, starting with a look at all of the new features in 2302 from Ramya Chitrakar
In March, Windows 11 will feature continuous innovation to receive new features ahead of a full feature update. Read more in this post from Harjit Dhaliwal
Some exciting new features here for Windows 11 including iOS phone link
The Windows 365 app for Windows 10 and 11 is now in general availability
The latest skilling snack is now out, this one comes from Hung Dang and looks at everything Autopilot
The Microsoft Intune suite is now out, find out more in this post from Michael Wallent
Looking at each individual feature of the new suite:
Managing purpose built devices from Eugenie Burrage
A look at Remote Help (also from Eugenie)
Remote tunnel for MAM on Android and iOS from Lance Crandall
Advanced Endpoint Analytics from Albert Cabello Serrano
Endpoint Privilege Management from Matt Call
Unpacking Endpoint Management
As mentioned at the start, there have been a whole series of Unpacking Endpoint Management Videos released. I’m not going to list everyone in the videos, but it’s the who’s who of experts!
The titles are self-explanatory so enjoy the content!
That was a lot of content! Thanks to everyone in the amazing community and have a great weekend!