Welcome one and all, the year is going far too fast, but the content keeps on coming!
Community Content
We start this week with the first part of a series from Rudy Ooms looking at the Windows Deployment Configuration, EPM and the Refresh Schedule deployed when configuring EPM
https://call4cloud.nl/2023/07/the-windc-refresh-schedule-and-the-dudes/
If you want to configure Internet Security zones, but still give the users the ability to change settings, try this remediation from Matias Magnus Andersen
https://epmstuff.wordpress.com/2023/07/10/configure-security-zones-using-remediations-in-intune/
Next, Peter van der Woude shows how you can build upon the default application control policies in Intune
Monitoring your feature update deployments is crucial, especially if you are restricting OS versions via compliance. To report on feature update failures, check out this post from Jitesh Kumar
https://www.anoopcnair.com/windows-feature-update-failures-intune-report/
On-demand remediations has opened up so many new options within Intune. One of these is the ability to use them to collect logs from devices, find out how here thanks to Damien Van Robaeys
https://www.systanddeploy.com/2023/07/using-on-demand-remediation-to-collect.html
Find out how to restrict your OS versions to n-1 using a compliance policy and azure automation in this post from René Laas
https://endpointcave.com/automate-your-minimum-os-build-in-all-compliance-policies/
You probably want to stop users from installing Beta Software on their Apple devices. Fortunately Somesh Pathak has instructions on how to do so here
https://www.intuneirl.com/prevent-supervised-devices-from-installing-apple-beta-software/
We have a second post from Somesh, demonstrating how to virtualise macOS using parallels
https://www.intuneirl.com/mac-on-mac-running-a-virtual-macos/
Trevor Jones has released a new script to convert the Windows update names displayed in the driver management UI to the friendly manufacturer name
https://smsagent.blog/2023/07/07/translating-windows-update-driver-names-to-friendly-driver-names/
A second script from Trevor, this one to trigger an on-demand remediation and then view the output:
Graph Explorer is an incredibly useful tool when working with Graph. This post from Daniel Bradley runs through how to use it fully
https://ourcloudnetwork.com/how-to-use-the-microsoft-graph-explorer-tool/
Next, Prajwal Desai looks at the latest additions to Windows 365
https://www.prajwaldesai.com/windows-365-updates-new-features-improvements/
You may have noticed that the driver update functionality does not show you applicable devices. This post from Peter Klapwijk shows how to use Graph to find them
https://www.inthecloud247.com/intune-driver-update-for-windows-get-applicable-devices/
Jan Bakker has created an excellent new PowerApp to quickly set the preferred MFA method for your users.
Next, Simon Hartmann Eriksen looks at everything around ASR and how it links with Defender
https://www.simsenblog.dk/2023/07/12/asr-rules-anno-2023/
Find out how to code sign your PowerShell certificates with a cert from your on-prem CA in this post from Niklas Rast
With the newly announced Entra Identity Access (more in the Microsoft news below), Daniel Bradley has written a deployment guide.
https://ourcloudnetwork.com/how-to-setup-microsoft-entra-internet-access/
Jeffrey Appel gives a deep dirve into managing security across platforms with MDE in this post
https://jeffreyappel.nl/manage-mde-for-windows-macos-and-linux-via-security-settings-management/
Next, Nick Benton looks at meeting NCSC guidelines for macOS using Intune
https://memv.ennbee.uk/posts/macos-ncsc-revisited/
A new post from Salona Sahni covering how to use Quiet Time on your mobile devices. Link is translated from the original
If you support macOS devices, Munki is an excellent tool for deploying your apps. This post from Tobias Almén covers how to configure and use it with Intune
https://almenscorner.io/the-journey-to-munki-and-intune/
Timmy Andersson has put together instructions for fixing any Android devices stuck at the “Your work checklist” phase
https://timmyit.com/2023/07/13/android-enrollment-stuck-at-your-work-checklist-in-intune/
Find out how to move your Windows 365 machines to a different region in this post from Dominiek Verham
https://techlab.blog/how-to-move-existing-cloud-pcs-to-a-different-region/
Find out how to take your branding to the next level with this remediation from Simon Skotheimsvik
https://skotheimsvik.no/rare-windows-endpoint-branding-using-intune-remediation
Video Content
Now onto the video content, starting with a guide to enrol your iOS devices using Apple Business Manager from Roy Esteves
Niklas Tinner speaks to Ugur Koc looking at the excellent IntuneUpdate.com website
The latest video from Saurabh Sarkar is out and covers using SCEP and NDES in Intune
Protect your AVD machines further with Trusted Launch. Find out how it works and how to deploy and configure it in this video from Dean Cefola
In this video Dean Ellerby looks at Automated Device Enrollment for your macOS devices
Andy Malone looks at the new features announced for Entra in this video
The final video content comes from John Savill with a thorough look at using Entra to protect your applications
Andy Jones has released the latest video convering all things Apple and Intune. This one looks at deploying macOS configurations via Settings Catalog and Device Configurations
Microsoft Content
Now onto the Microsoft content starting with all of the exciting announcements in Microsoft Entra from Joy Chik
Followed by a closer look at the rename from Azure AD to Entra ID with Irina Nechaeva
You can now bulk resize Windows 365 machines as covered here by Abraham Pineda
Check out the Windows client roadmap from Jason Leznek
The latest skilling snack is out from Harjit Dhaliwal looking at all things store apps, including migration
That’s it for this week, have an incredible weekend!