Welcome to another exciting newsletter, bristiling with amazing content!
Community Content
We start with a look at the new “config refresh” functionality and how to enable it in your tenant from Peter van der Woude
Nicklas Ahlberg also looks at Config Refresh and how to deploy it in this post
https://www.rockenroll.tech/2023/10/17/windows-11-config-refresh/
There is a new addition to conditional access to require MFA when accessing admin portals. Learn all about it here with Joey Verlinden
https://www.joeyverlinden.com/require-mfa-for-microsoft-admin-portals/
If you are managing macOS devices, this post from Somesh Pathak is well worth reading around managing updates of your Microsoft applications
https://www.intuneirl.com/streamline-your-mac-experience-with-ms-auto-update-tool/
A second post from Somesh this week looking at some recent errors with Windows Defender
https://www.intuneirl.com/guardians-unexpected-defiance-when-defender-goes-astray/
Rudy Ooms has released part 7 of the series looking at WinDc, this one investigating the refresh task seen on Intune joined devices
https://call4cloud.nl/2023/10/the-positively-true-adventures-of-the-alleged-migraterefreshtask/
If you manage any Intel NUC devices, you can use this script from Damien Van Robaeys to manage the BIOS settings on them
https://www.systanddeploy.com/2023/10/managing-bios-settings-on-intel-nuc.html
If you want to auto-assign Android Managed Google Play apps, check out this Logic App from René Laas
https://endpointcave.com/auto-assign-android-managed-google-play-apps/
For many, MDM scopes in Entra are a set and forget config, but sometimes those settings can cause issues as Shehan Perera found here
https://shehanperera.com/2023/10/16/mdm-user-scopes/
If you want to lock down your devices to allow printing to only certain approved printers, follow this guide from Katy Nicholson
https://katystech.blog/mem/restrict-printing
Next, learn all about custom device compliance, including a useful example with Harvansh Singh
https://endusersupports.com/index.php/2023/10/13/custom-device-compliance-policy-in-intune/
This excellent post from Jose Schenardie shows how to use the Windows Update log generation tool, deploy and run silently and grab the output remotely!
https://intune.tech/2023/10/18/Automate-Windows-Update-logs-generation-and-collection.html
Next, we have a post and script from Prajwal Desai showing how to create a local admin account on your macOS devices using Intune
https://www.prajwaldesai.com/create-a-local-admin-account-on-macos-using-intune/
On the subject of admin rights, learn how you can use access packages to provide temporary admin rights on your Intune managed devices in this post from Niklas Rast
Whilst Settings Catalog keeps growing, there are times where manipulating the registry is a better (or only) approach. In this post, Florian Salzmann looks at the different ways to deploy registry keys using Intune
https://scloud.work/registry-key-with-intune/
Stephan van Rooij has released a new win32 prep tool which is fully open source and cross platform, well worth checking out
https://svrooij.io/2023/10/19/open-source-intune-content-prep
A new script from Harm Veenstra to report on the status of your autopilot profiles, devices and sync status
https://powershellisfun.com/2023/10/19/intune-autopilot-report-using-microsoft-graph/
If you are managing AVD machines, this post from Gannon Novak contains a remediation to deploy the Teams Machine wide installer to your hosts
Learn how to use Graph to deploy incompatible winget store apps in this post from Sander Rozemuller
https://rozemuller.com/windows-store-app-not-supported-in-preview-in-intune/
Video Content
Now onto the video content, starting with a new series from the team at MSEndpointMgr, this time featuring Nickolaj Andersen, Mattias Melkersen Kalvåg and special guest Lavanya Lakshman covering all things Anomaly detection and Settings insights
We also have a special edition of Windows in the Cloud from the Workplace Ninja Summit covering all things AVD and Win365 featuring Christiaan Brinkhoff, Morten Pedholt, Peter Daalmans and Ola Ström
The latest intune.training video is now live with Steven Hosking and Adam Gross. This one covers provisioning Android devices using Intune
Microsoft Content
Now onto the Microsoft content, starting with news that you can now use EPM with your Windows 365 machine from Matt Shadbolt
We also have an excellent Intune migrations getting started guide here
The latest skilling snack has arrived and comes from Rafal Sosnowski looking at all things Bitlocker
Learn how to get early access to Intune Security Copilot here from Shravana Mukherjee and Lavanya Lakshman
That’s it for this week, have an amazing weekend!