Welcome one and all to this weeks exciting newsletter! Let’s have a look at the incredible content from this week.
Community Content
We start with a post from James Robinson covering the joys of HAADJ, why it is usually unnecessary but also looking at some situations where it might be the only option.
https://skiptotheendpoint.co.uk/haadj-stop-it-youre-making-it-worse-for-yourself-mostly/
This post from Nicolas Bonnet shows how you can migrate your legacy MFA and SSPR portals to the more modern offerings in the Entra portal
Next, Vidya M A looks at the device lifecycle in Intune and what each of the wipe/reset/retire buttons does
https://www.anoopcnair.com/best-ways-to-remove-intune-client-uinstall/
Jorge Suarez takes an in-depth look at device filters, what they do and how to use them.
https://www.jorgeasaur.us/using-filters-to-assign-apps-policies-and-profiles-in-microsoft-intune/
Now for two posts from Jonas Bøgvad, both looking at primary refresh tokens. This first post looks at what they are specifically from an iOS perspective.
https://blog.skymadesimple.io/primary-refresh-token-on-ios-devices/
The second post is part of a new series with a deep-dive on all things PRT, well worth checking out.
https://blog.skymadesimple.io/the-mysterious-life-of-prt-the-beginning/
Damien Van Robaeys has released an update to the excellent Intunewin build and extract tool with some useful new features
https://www.systanddeploy.com/2023/05/intunewin-build-and-extract-tool-to.html
Next, Aresh Sarkari has released parts 2 and 3 covering deploying AVD using Terraform. Part two covers setting up for pooled session hosts
Whilst part three covers Remove App configuration
Michael Meier has released the final part looking at grabbing Intune and Client data into PowerBi and a CosmosDB. This part demonstrates how to view and report on your data
Shady Khorshed has put together a four week plan to learn Intune for Android and iOS devices including learning pathways from Microsoft for each step
https://www.linkedin.com/pulse/learn-microsoft-intune-mdm-ios-android-devices-from-scratch-khorshed/
This post from Simon Skotheimsvik looks at how to use a FIDO2 authentication key to further protect your online accounts
With the release of the new .zip TLD (thanks Google!), you now have an added risk when mentioning filenames in emails and other messages as it will convert them to hyperlinks which could send users to malicious websites. This post from Jeffrey Appel shows how to block these new domains with Defender for Endpoint and Windows Firewall
Autopatch continues to improve with every Intune release. The latest feature is Autopatch Groups for more granular control over your updates. You can find out more in this post from Peter van der Woude
macOS management with Intune is constantly improving and you may now be at the point where you want to test it with your devices. This guide from Prajwal Desai will help you get started
Niklas Tinner runs through using Device Control and ASR rules to protect your devices in this post
https://oceanleaf.ch/device-control-with-intune/
This post from Nicklas Ahlberg looks not only at configuring LAPS, but also managing your Administrators group and monitoring for any unwanted changes. If you are deploying LAPS, this is one to read first.
An exciting new feature for Conditional Access called Protected Actions is now in Public Preview. Read this post from Pim Jacobs to find out more
https://identity-man.eu/2023/05/16/using-the-new-protected-actions-feature-with-conditional-access/
Settings desktop wallpaper via Intune policy is sadly restricted to Windows Enterprise licensing which means that those on Windows Pro (such as Business Premium) can’t use it. Fortunately Florian Salzmann has put together an application and PowerShell script to solve this.
https://scloud.work/en/wallpaper-lockscreen-intune-business/
An in-depth look at AAD Connect with some troubleshooting for common sync issues in this post from Gannon Novak. One definitely worth bookmarking if you are now yet fully cloud native.
Windows 365 Frontline is now in preview and could be the SKU for you. To find out all about what it is and how to deploy it, check out this excellent post from Ola Ström
This post from Rajith Enchiparambil also runs through the process of deploying a new Windows 365 frontline machine
https://cloudiffic.com/deploy-windows-365-frontline-cloud-pcs/
Rudy Ooms has a new post and script to resolve any sync issues from outdated or faulty certificates
This excellent guide from Faris Malaeb will get you started securing your devices using Intune
https://adamtheautomator.com/intune/
On your journey to cloud native, AAD, Autopilot goodness, you will probably start with hybrid joined devices. This post from Viktor Ahorner explains how they work and how to configure AAD connect appropriately.
https://www.blog.mccloud.cloud/post/hybrid-join
Video Content
Now onto the video content, starting with a look at LAPS from Dean Cefola
The latest Tackling Tech from Harjit Dhaliwal has been released, speaking to MVPs to find out what they love about Windows 11
Now we have a look at what’s new in the 2304 Intune release from Mattias Melkersen Kalvåg and Nickolaj Andersen including ServiceNow integration, LAPS and more
This video from Anoop Nair runs through how to capture inventory of your Intune managed devices
The May 2023 Windows 365 AMA is out now featuring Christian Montoya, Donna Ryan, Femi Adebayo and David Bélanger
This video from Roy Esteves runs through linking your Apple Business Manager with Intune and configuring enrollment tokens and profiles.
Here is episode 3 in the EMS discord community podcast, this one features James Robinson, Lewis Barry, Mark Morowczynski and Jonas Bøgvad looking at ADFS to AAD migrations, MFA number matching, LAPS, EPM and others.
Jon Jarvis has released a video looking at Windows 365 Frontline, including how to set it up
https://www.linkedin.com/feed/update/urn:li:activity:7064575919947935744/
If you have ever wondered how to quickly spin up a demo Intune tenant, have a look at this video from Dean Ellerby
Microsoft Content
This weeks skilling snack comes from Akash Malhotra and looks at Windows Update for Business reports (what was Update Compliance). These are a welcome addition to the built-in reports and well worth configuring.
That’s it for this week, have an amazing weekend!
