Intune Newsletter – 24th March 2023

Welcome to your favourite source for Intune news and exciting goodies from the community!

Community Content

We start this week with a useful script from Phil Jorgensen for anyone using Config Manager and Lenovo devices. The script and guide will run through installing Thin Installer, downloading the drivers for the machine and then installing them.

Next, we have two posts from Damien Van Robaeys looking at the Advanced Endpoint Analytics functionality in the Intune Suite. The first post gives an overview of the device anomalies functionality, what is does and how to enable it.

Damien’s second post digs down into the world of Graph to look at how you can use the output in a more automated way

Another new feature in the Intune Suite is Microsoft Tunnel for Mobile Application Management which is covered in-depth here by Peter van der Woude

If you are using Samsung Knox E-fota, at some point you’ll need to create a new app secret for the Intune connection. This guide from Timmy Andersson will show you how

Somesh Pathak has released part three of the series looking at Apple management, this one looks at Apple Business Manager/School Manager and Business Essentials

Now for a look at all things Windows 365 in a multi-part tips and tricks from Sune Thomsen. The first part looks at how you can make the connection from the end-user device as quick and responsive as possible

The second part covers improving the experience after logging in

Now for four! posts from Thiago Beier, the first showing how to send an alert to a teams channel when a device is enrolled into Autopilot

As a follow-on, Thiago has released a script to enroll a device using a provisioning package

Thiago’s second post is useful when packaging and deploying your apps, an easy to use PowerShell script to grab your applications uninstall keys

This script and post from Thiago shows how to create a group based on the last sync date to move your old devices into a different group (maybe for more strict CA for example)

On a similar notification theme, Jannik Reinhard uses a PowerShell script and Azure Automation to email a list of enrolled devices

Next, Niklas Tinner has some excellent hints and tips for troubleshooting policies and apps at the device level

Some very compelling arguments for using Windows 365 (or AVD) cloud PCs in this post from Ola Ström which should hopefully help you convince your execs

This post from Vidya M A puts together 13 videos from the HTMD channel to help you make your design decisions when deploying Intune into a new environment

An exciting new addition to Autopatch is the ability to customize your update deferrals, find out more in this post from Jitesh Kumar

Another how-to guide from Niklas Rast, this time running through the pre-provisioning (was white-glove) process

Now we have four posts from Émile Cabot, with the first two looking at the new store integration. Émile’s first post covers the new ability to deploy store apps in the system context directly within Intune

The second post, shows how to use the new integration to remove applications from machines

And Émile’s third post looks at conditional access, how to create your policies, some policy recommendations and more importantly, how they work with break-glass accounts

The fourth post shows how to enable App and Browser control via Settings Catalog

If you are using nested groups and they have stopped updating, check out this post from René Laas with some suggestions which will (hopefully) fix the issue

Following the release of the driver and firmware servicing tool, David Brook has put together an excellent PowerShell module to make management easier

Should your environment have some WLAN’s which you don’t want users connecting to, this PowerShell script from Joymalya Basu Roy will block it for you

You can now force store apps during Autopilot ESP. This article from Arno van Dijk shows how and also some tips for monitoring and troubleshooting the installation

Next, find out how to fix the pesky 0x80070032 Autopilot reset error in this post from Prajwal Desai

A second post from Prajwal and one worth bookmarking, all of the latest Intune releases and what is included

If you want to go passwordless with Azure AD, you will need to leverage TAP to onboard your users to configure their authentication. This post from Simon Håkansson will run you through the process

Thomas Marcussen has updated the script to check Autopilot pre-requisites and added some useful new checks. Find out more here

This post and script from Niall Brady will automate setting group tags on multiple autopilot devices including installing any required modules

If you are using Windows 365, this post from Aresh Sarkari will show you how to send any alerts to a Teams Channel using Azure Automation

For shared devices, you may find after a while disk space starts to suffer from stale user profiles. This proactive remediation from Florian Salzmann can either report on, or clear out profiles over a certain age

Should you find any users getting a temporary profile on an AVD/FSLogix setup, have a read of this post from Gannon Novak on what to look for

This post from Paul Winstanley shows how to deploy Edge and Chrome extensions via Intune (in this case Okta, but it applies to any extensions)

If you’re an HP house, Simon Skotheimsvik has released part 3 of the HP Connect for Intune series, this one with an in-depth look at BIOS settings

Sune Thomsen has released the next part of the Windows 365 End-User Deep dive, this one delving into the world of multi-media redirection

In case you missed the news, Update Compliance is now end-of-life and has been replaced by Windows Update for Business Reports. The setup is slightly different, follow this guide from Jeroen Burgerhout to configure in your environment

Mergers and acquisitions can be a real headache for IT staff, trying to combine two entire environments into one but without completely ruining the user experience. This post from Shehan Perera looks at your options at the Azure AD level

The third post looking at Zero Trust from Sander Rozemuller is now out, this one covering the different ways to protect your user accounts

As well as creating a Windows 365 restore point, you can also export one to an Azure Storage account opening up the ability to make a local VM from it. Find out more in this post from Dominiek Verham

Video Content

Now onto the video content for this week, starting with a video from Andy Jones demonstrating how to configure Intune and use “Locate Your Device” for Android devices

Next up, Dean Ellerby demonstrates how to package applications using the excellent PowerShell Application Deployment Toolkit (PSADT)

I’m sure we are all using Dynamic Groups at least for your Autopilot devices. For a full deep-dive into just what you can do with them, watch this video from John Savill, it is incredibly thorough as with all of John’s recordings!

The latest video from Anoop Nair looks at one of my favourite additions, Autopatch and how you can use it to automate patching on your cloud machines

A second video from Anoop, this time looking at security baselines, how to configure them, update them and some things to look out for when implementing them

In a similar theme, this video from Anoop looks at everything around Settings Catalog

Also looking at Autopatch, Dean Cefola looks at Autopatch from the tenant level and how to configure, enrol and onboard into the service

The latest video has been released, this one features Adam Gross and Steven Hosking and looks at how you can tweak Company Portal to stop it from displaying Microsoft Webapps (amongst other things)

A new video from Chander Mani Pandey takes a look at Graph Explorer and using it to manipulate Intune at the graph level

The final community content this week comes from Andy Malone with a look at what’s new in M365 including a look at the Intune Suite, Compliance policies and more

Microsoft Content

Now onto the Microsoft content, starting with a post from the Intune Support Team covering how to configure bitlocker via settings catalog

This post from Chris Morrissey looks at the different Windows monthly updates

The final part on the App confidence blog series comes from Aleks Lopez and Colby Haase and looks at monitoring application reliability and how to use App Assure if required

Another posts from Aleks to round this off this week, a new skilling snack covering the always tricky world of application compatibility

That’s it for this week, thanks to everyone for their incredible content! Have a great weekend

Leave a Comment