As August draws to a close and for those of you with children, the school-day routine returns shortly, you can at least be reassured that the newsletter is still packed full of amazing content!
Community Content
We start this week with a query often spotted in the wilderness of social media, what is the difference between the Wipe and the Fresh Start buttons? Find out in this post from Jonas Bøgvad
https://blog.skymadesimple.io/intune-wipe-vs-fresh-start/
For those of you managing Android devices, this in-depth post from Somesh Pathak is well worth checking out, looking at the enterprise features available to you in Intune
Whilst Hybrid Joined devices with Autopilot is really not a great idea, if you have absolutely no choice, check out this guide from Niklas Rast
A second post from Niklas, this one with a useful remediation script to rename “Workgroup” with your Tenant name on devices
Find out how to use your macOS custom attributes to create dynamic Entra ID groups with some wizardry from Tom Machado
Next, Peter van der Woude shows how to add custom information onto your corporate Android devices lock screen and support info
Another post from Peter this week, looking at the new Android app inventory introduced in 2307
You may want to restrict some admins to only run remote actions on an Intune device (service desk would be one example). Follow these instructions from Jitesh Kumar to set the appropriate RBAC permissions
https://www.anoopcnair.com/rbac-permission-to-run-remote-actions-in-intune/
A second post from Jitesh, this one showing how to deploy unmanaged macOS apps
https://www.anoopcnair.com/deploy-unmanaged-macos-app-using-intune/
Jitesh also looks at the new features in 2308 release
https://www.anoopcnair.com/intune-august-update-2308-new-features/
If you are deploying App Protection Policies, watch for any Exchange Mailbox Security Policies as covered here by Rahul Jindal
https://rahuljindalmyit.blogspot.com/2023/08/exo-device-mailbox-security-policy-vs.html
Jabra are my favourite headset manufacturer, but managing firmware updates can be a headache on managed devices. With the introduction of Jabra Express we finally have a way around it. Find out how in this post from Simon Skotheimsvik
https://skotheimsvik.no/headset-management-made-easy-with-jabra-xpress-and-microsoft-intune
Next, Joost Gelijsteen runs through how to enable PIN reset for your users
https://joostgelijsteen.com/enable-pin-reset/
You can now remove Autopilot devices without first having to delete the Intune object as covered here by Paul Winstanley
https://sccmentor.com/2023/08/21/removing-the-autopilot-device-in-one-step/
This post from Niklas Tinner runs through deploying and using Entra Secure Private Access to provide secure access to your resources without a traditional VPN
A quick but useful post from Gannon Novak showing how to find out if a device is registered to a different tenant
https://smbtothecloud.com/find-the-tenant-where-a-device-is-autopilot-registered/
Following on from Gannon’s post, we have a script from Florian Salzmann to quickly show you the tenant a device is registered to
https://scloud.work/get-autopilotprofileinfo/
Rudy Ooms has continued a deep dive into the refresh schedule here with another complex flow chart
https://call4cloud.nl/2023/08/the-adventures-of-windc-queen-of-the-mmp-c/
Next, Shehan Perera looks at Defender for Endpoint and the difference between Passive and Active
https://shehanperera.com/2023/08/23/mde-passivemode-01/
There may be times where you don’t want an application to install until after ESP has completed. If you have one of these, this post from Niels Kok will show you how to sort it
https://www.nielskok.tech/intune/install-applications-after-esp-enrollment-status-page/
Aresh Sarkari has released a script to add additional DNS servers to your Intune managed devices
This post from Michael Niehaus, shows how you can create a virtual machine with a checkpoint to test Autopilot
https://oofhours.com/2023/08/23/windows-autopilot-testing-with-vms/
If you have items which cannot be run during Autopilot, check out this script/app from Alex Semibratov
https://www.linkedin.com/pulse/implementing-finish-actions-windows-autopilot-alex-semibratov/
Video Content
Now onto the video content, starting with the latest tutorial from Harvansh Singh showing how to grab a list of devices with PowerShell and Graph
Now for two videos from Dean Ellerby, the first showing how to deploy Defender for Endpoint to your macOS devices
The second video shows how to then configure it
Dean’s third video shows how to get you M365 apps to auto-update on macOS (and why it didn’t work in a previous video)
Dean has had a busy week. This short fourth video runs through the difference between Hybrid Joined and Hybrid Autopilot devices (and why not to use Autopilot with Hybrid)
Find out how to move your Win365 cloud PCs to a different region in this video from Dean Cefola
Andy Jones has released episode 8 of the guide to iOS and macOS with Intune, this one covers keeping your devices updated
The latest Tackling Tech video is now live from Harjit Dhaliwal, this episode features Mabel Gomes and Aaron Czechowski. This episode looks at where to look for important Windows information and Microsoft documentation.
Here is the latest AMA looking at Windows in the cloud featuring Christian Montoya, Jason Parker, Ian Warren and Eric Orman, this one looking at AVD
Microsoft Content
Now onto the Microsoft content for this week starting with the news that Windows 365 frontline has now gone GA, find out all about it here:
A new addition in the 2308 release is the ability to set a timeout for your Win32 apps
https://learn.microsoft.com/en-us/mem/intune/apps/apps-win32-add#step-2-program
The all important what’s new in 2308, always worth checking out, some useful new features such as Remote Help for Android
A more in-depth look at what is in 2308 here from Ramya Chitrakar
Finally, make sure you check out the new Windows Autopatch enrollment guide
That’s all for this week, have a fab weekend!