Welcome all to this weeks Intune newsletter, slightly late due to the exciting MVP conference, a long journey and me trying to work out what time it is!
We have all mis-typed domains before, but attackers are grabbing these domains to target your users in a phishing attack. This post from René Laas shows how to enable typo-protection for Edge with an Intune policy to add a layer of protection
For those of you managing macOS devices, Hubert Maslowski has a very thorough guide here to deploy Security Baselines to protect these devices
Niels Kok has put together a very useful PowerShell module to quickly enable or disable Autoscaling on your AVD host pools
We all hate printers and know that paperless is the way forward, but sadly we still have users who insist on printing! With the free prints for users on M365 E3 or E5, now may be a good time to look at the Universal Print offering from Microsoft. To find out more and how to configure and deploy it, have a look at this post from Simon Skotheimsvik
Ákos Bakos has released part 9 of the excellent OSDCloud Series (the previous ones are well worth checking out), this time looking at how to automate OSDCloud to kick in during OOBE
Now for two posts from Thiago Beier, the first is an update to the previous guide/script to enrol windows devices using a ppkg. This update includes support for group tags directly within the package.
Thiago’s second post is a Proactive Remediation to deploy Outlook templates to your users from Azure blob storage
Linux support in Intune keeps on improving and with 2303 we gained the ability to deploy bash scripts to your Ubuntu-based devices. To find out how, read this post from Jannik Reinhard
Buckle up, Rudy Ooms has been digging about in Windows again. This time looking at device compliance and issues with Health Attestation. Be prepared for a thorough explore of the inner workings as usual.
To enable safe browsing on your Android and iOS devices running Chrome, follow this guide from Rahul Jindal
Next, Niklas Tinner looks at the different options available currently to handle your users who need administrative rights
Shishir Kushawaha has created a useful PowerShell script with GUI to be able to rapidly validate your machines have configured correctly using Autopilot
This custom compliance script from Harm Veenstra will mark any devices as not compliant if they have additional local administrators outside of the ones from Azure roles.
Florent Nosari has built a GUI front-end for your PowerShell scripts, still in beta, but well worth checking out
Windows 365 Frontline is now in public preview and is an exciting additon to the Windows 365 family of licenses. This post from Ola Ström tells you all you need to know
Now you know all about Windows 365 frontline, how about a couple of posts from Prajwal Desai digging into the subject further, starting with how to provision your newly licensed devices.
Now you have provisioned your devices, in order to free up the license for the next user, you’ll need to make sure they have closed fully. Hopefully the users will simply log out, but just in case, a time limit is always a good backup. Find out how in Prajwal’s second post
If you want to go full passwordless, you will want to look at using TAP to onboard your users and setup their devices. This post from Simon Håkansson runs you through the process
Naming your AAD joined, Autopilot devices is a straight forward process, but when dealing with hybrid-joined, it’s a bit more complex. Ideally you would just ditch the AD join, but for those who can’t yet, this script from Gannon Novak should help with the naming
This very in-depth post from Sander Rozemuller shows you how to automatically create a passwordless break-glass account as extra protection should you accidentally lock out your admins!
Now for the next three parts of the series covering HP Sure Recovery from Gary Blok
Jannik Reinhard has put together a script to use OpenAI and Azure Voice services and created an Intune Voice Bot
With the release of Windows LAPS, we have many items from the community around it:
This one from Nicky De Westelinck
And from Bradley Wyatt
Also from Rahul Jindal
And Moe Kinani
Now for a look at the Microsoft content this week, starting with more Windows 365 content with news that machines are now encrypted at the host level. Find out more from Ankur Biswas here
The weekly skilling snack is here and always well worth reading! This week it looks at all things Windows Update for Business from the expert in the field, Aria Carley
Have a look at how the Intune Suite can simplify your endpoint management in this article from Jason Roszak
Here is the official announcement of LAPS with AAD from the Intune Support Team
The final content comes from Ramya Chitrakar with a look at what’s new in the 2304 release
That’s it for this week, have a great weekend (what’s left of it). Hopefully business as usual next week with a Friday release!