Intune Newsletter – 14th April 2023

Welcome all to this weeks Tech Accelerator special newsletter, there is an extra section this week to include all of the great videos from the Tech Accelerator event. For anyone attending the MVP summit next week, I look forward to seeing you. Due to travelling and time differences, next weeks newsletter may be slightly delayed!

Community Content

We start this week with a look at Automation Runbooks in Azure and how you can use them to automate a lot of your daily tasks within Intune from Jannik Reinhard

If you want to get further details from your PowerShell script output without having to delve into the registry on devices, have a look at this script and module from Matt Dobing which outputs transcripts to Azure Blob storage

We all know about the Security Baselines for Windows, Edge and Windows 365, but here Nicky De Westelinck has used the Microsoft Security and Compliance Toolkit to create a baseline for M365 apps using Settings Catalog

On a similar note, Rahul Jindal does something very similar for the latest Microsoft Edge baselines which are newer than the ones currently available within Intune Security Baselines

Next up, we have a script from Shishir Kushawaha which can be run during OOBE to enrol a device into Autopilot including adding a group tag

Now for two posts from Jitesh Kumar, the first of which is a detailed run-through on configuring custom compliance policies for Linux devices using bash scripts and JSON

Jitesh’s second post looks at some of the exciting new features in the Config Manager 2303 upgrade

With the discovery of the new MacStealer Malware for macOS devices, Snehasis Pani looks at how you can use Intune to protect your devices

On the subject of malware, this post from Abhinav Rana shows how to configure a boot start driver policy to further protect your devices right from boot

Laptop docks are great things, but keeping on top of the firmware is a lengthy job and usually vital to keeping them running nicely. If you are using HP docks, this PowerShell script from Gary Blok can be deployed in Intune or Config Manager to keep them updated

Now for two Proactive Remediations from Thiago Beier, the first one will create a new admin account on your devices and reset the password on any others it finds so you can be sure no-one has sneaky admin rights!

Thiago’s second proac pops up a toast notification if your hybrid-AD joined devices don’t have the correct hostname so whatever issues can be resolved

The 7th part of the series on Conditional Access has been released from Paul Winstanley and Mike Marable this one running through forcing MFA for risky sign-ins, what a risky sign-in is and what happens when it happens

This post from Nico Wyss looks at Bash script deployment for your Linux devices with an example script to test it out (don’t use in production though)

Sander Rozemuller has put together a new set of posts to automate your journey towards zero trust and this is the place to find them all. As others are released, they will also be added so it’s worth bookmarking

This post from Peter van der Woude looks at how to configure and use Endpoint Privilege Management

If you are not the sole administrator in your domain, you may want to look at mutli-admin approval to give you peace of mind that no-one is going wild with policy changes (or deletions!) Dominiek Verham looks at it further in this post

The release of Config Manager 2303 has been an exciting one for many and in these two posts, Prajwal Desai looks at some of the new features

And then a step-by-step guide to updating your instance to the new version

Benoit Lecours has also released a step-by-step upgrade guide here

If you’re using Lenovo Thin Installer, this script from Philip Jorgensen can be deployed to keep it updated

Another Rudy Ooms deep dive, this time looking at what happens if you change an EPM rule with some complex flow-charts!

An exciting PowerApp from Michael Meier which can be used across platforms to perform Autopilot tasks including scanning a QR code to enrol devices

This excellent new website from Shehan Perera gives a high-level overview of everything to do with Intune/Autopilot with hyperlinks to the relevant MS documentation. One worth bookmarking!

Video Content

Now onto the video content, starting with a look at Windows Autopatch from Lior Bela, Michael Cureton and Mike Hilderbrand

With Windows 365 for Frontline workers now in public preview, Christiaan Brinkhoff, Colby Hanley and Sam Tulimat look at it further

In this video, Shravana Mukherjee and Lior Bela speak to Dean Ellerby, Sandy Zeng and Adam Gross about the new Intune Suite

Tech Accelerator

There have been some excellent videos this week in Tech Accelerator which you will find here, featuring:
Steve Dispensa, Ramya Chitrakar, Jason Roszak, Dilip Radhakrishnan, Matt Call, Lavanya Lakshman, Danny Guillory Jr, Joe Lurie, Dave Randall, Jessica Yang, Oluchi Chukwunyere, Kara Wang

Microsoft Content

Now for the Microsoft community content, starting with a look at what’s new in Autopatch from Lior Bela

Windows LAPS is now available (with Azure AD hopefully coming soon). Find out more here from Jay Simmons

If you are using Windows Update for Business Reports, you can now route different device data to different workspaces based on AAD group membership as covered here by Aaron Oneal

Part of the new Config Manager updates allows more data from tenant attached devices to be displayed in endpoint security operational reports

The latest skilling snack is out, looking at the Windows lifecycle, from Jason Leznek

That’s it for this week, have a great weekend!

Leave a Comment