Intune Newsletter – 5th May 2023

Welcome to this weeks newsletter and for those of you lucky enough to attend MMS, I hope you had a great time (and safe travels)

Community Content

We start this week with a look at how to manage your Chromebooks with Intune from Torbjorn (Mr T-Bone) Granheden. Well worth checking out if you are considering using Intune for your ChromeOS fleet as there are some gotchas.

https://www.tbone.se/2023/04/28/manage-chromebooks-with-intune/


This thorough post from Niall Brady looks at troubleshooting steps when Autopilot is failing during account setup, in particular when attempting to install certificates via SCEP/NDES,


LAPS is still proving to be a popular subject and we have a number of articles on it this week, starting with this one from Niklas Tinner covering how to use LAPS with Administrative Units for more granular control

https://niklastinner.medium.com/windows-laps-azure-ad-and-administrative-units-f3ca4972ec87

Niklas also has a post with a full guide to configure and deploy LAPS

https://oceanleaf.ch/windows-laps-guide/


Shehan Perera takes things one step further looking at the pre-requisites for deploying LAPS including configuring your Admin Units so your environment is fully configured ahead of deployment.

https://shehanperera.com/2023/05/01/prereqs-for-wlapsinaad-0/


Next, Florian Salzmann looks at the end-to-end process of deploying and using LAPS including password rotation

https://scloud.work/en/windows-laps-azure-ad/


Peter van der Woude also has an in-depth run through here


Marc-Andre Chartrand also looks at LAPS here


The final LAPS guide this week comes from Daniel Bradley


Now for something which isn’t LAPS (but it’s similar), this post from Chris Hudson gives a thorough look at the Endpoint Privilege Management functionality included in the Intune Suite

https://www.threesixtythrive365.com/post/intune-endpoint-privilege-management


This post from Michael Meier shows how to leverage CosmosDB, Automation and PowerBi to create reports from both Intune and data directly from your endpoints.


If you need to quickly grab a list of your Windows 365 machine names, check out this post from Prajwal Desai


No doubt many of you have started your Windows 11 deployment (or are planning to shortly). This script from Jannik Reinhard will give you a helpful dashboard to track the deployment progress and adoption of Windows 11 using Azure Automation.

https://jannikreinhard.com/2023/04/30/tracking-windows-11-upgrades-with-azure-automation-and-intune/


If you have Defender for Endpoint licensing and want to onboard your servers into it, this guide from Joey Verlinden will show you how to do so using Defender for Cloud

https://www.joeyverlinden.com/onboard-servers-to-mde-using-dfc/


Rudy Ooms has got the flowcharts out again, this one looking at logging with Endpoint Privilege Management and what happens when you elevate an application.


Azure AD Administrative units are a very useful tool which many are unaware of. To find out more, read this post from Thiago Beier

https://thiagobeier.wordpress.com/2023/05/03/whats-azure-ad-administrative-unit/


Apple now includes Rapid Security Response for iOS and macOS. To find out more and how to manage it using Intune, Somesh Pathak has you covered here

https://www.intuneirl.com/rapid-security-response/


You can now include Remote Help in your Conditional Access policies using an Azure Service Principal as covered here by Benoit Hamet

https://blog.hametbenoit.info/2023/05/04/intune-remote-help-now-supports-azure-ad-conditional-access/#.ZFOgj87MK-Y


Next, René Laas looks at things you should consider when designing and building your compliance policies

https://endpointcave.com/a-method-to-implementing-an-effective-compliance-policy-design/


This post form Jan Bakker looks at the new Suspicious Activity and Fraud alert in Azure MFA


Video Content

Now onto the video content with part 2 of Andy Malone‘s look at configuring a new Intune tenant. This one covers deploying applications and securing your devices


John Savill has a deep dive into the world of LAPS in this latest video. Well worth a watch (and if you haven’t done so already, this is a channel which is definitely worth subscribing to)

John has also done a video looking at Hybrid AD Join (but don’t use it with Autopilot)


Nick Ross has looked at the additions to the April M365 update including the new additions in Intune from 5:13


Andy Jones has released part 5 of the series looking at how to enrol devices into ABM, this one covers enrolling devices using just an iOS device!


Peter Rising has released a beginners guide to Defender for Endpoint which is well worth checking out. Lots of great content from Peter so I’d recommend subscribing to the channel


Microsoft Content

Onto the Microsoft content now starting with a look at what changes are coming to harden your Windows devices from Namrata Bachwani

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/latest-windows-hardening-guidance-and-key-dates/ba-p/3807832


Windows Autopatch just keeps on improving and there have been some exciting new changes in the latest Intune release including Autopatch groups and policy health dashboard. This article from Lior Bela looks at what’s new

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-in-windows-autopatch-may-2023/ba-p/3809696


Exciting news for all admins, you can now sign up for Windows Service alerts in the M365 Dashboard. Find out more here from Mabel Gomes

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/new-feature-sign-up-for-windows-known-issue-email-alerts/ba-p/3811111


Feedback is always welcome on all Microsoft products and LAPS is no exception. Jay Simmons shows how to submit your feedback in this post

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-provide-feedback-on-windows-laps/ba-p/3811898


The latest skilling snack has been released, this one covers Windows Update for Business Deployment Service from Surabhi Calla

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/skilling-snack-windows-update-for-business-deployment-service/ba-p/3812154


That’s it for this week, thanks for reading and have a great weekend!

Leave a Comment