Welcome to the post-Ignite newsletter. I hope all of you who managed to attend in person had a great time!
Community Content
We start this week with a guide on how to further secure your Android devices using Defender for Android from Niklas Rast
A second post from Niklas, this time a requirements script to ensure apps only install outside of ESP
When looking to access traditional on-prem infrastructure Kerberos cloud trust is a massive improvement over the older key trust model. Learn how to deploy it in this post from Peter van der Woude
https://www.petervanderwoude.nl/post/configuring-windows-hello-for-business-cloud-kerberos-trust/
The latest blog from Rudy Ooms looks at the Intune certificate and the issues when they expire. Fortunately there are some remediation scripts included to help fix some common issues.
https://call4cloud.nl/2023/11/sslclientcertreference-without-a-cause/
Rudy has then followed up with a second post doing some detective work as to why the cert re-appeared on the device
https://call4cloud.nl/2023/11/all-the-intune-certificate-recovery-we-cannot-see/
Deploying mapped drivers and printers is often a headache with Entra joined devices. If you need them in your environment, grab these remediations from Torbjorn (Mr T-Bone) Granheden
Sander Rozemuller has released a new CLI tool for managing Intune tenants with some very useful features. This is one worth keeping an eye on as it grows
https://rozemuller.com/the-intunecli-for-automated-intune-management/
Next, Damien Van Robaeys has released part two of the new series on logic apps. This one covers creating an app registration and using it to retrieve information from Graph within the logic app.
https://www.systanddeploy.com/2023/11/getting-started-with-logic-apps-part-2.html
If you want to remove the new Outlook app using Intune, follow this guide from Jeroen Burgerhout
https://www.burgerhout.org/how-to-remove-the-new-outlook-for-windows-app-with-intune/
This comprehensive post from Suryendu Bhattacharyya shows how you can deploy a zero-trust conditional access configuration using Terraform and GitHub actions, impressive stuff!
https://suryendub.github.io/2023-11-09-ca-zero-trust-terraform/
Next, Jannik Reinhard has released a new script to alert when the Intune Management extension updates and what has changed in the new version.
https://jannikreinhard.com/2023/11/12/detect-new-intune-management-extension-updates/
Learn how to use zero touch enrollment to speed up your Android device deployment here with Narendra Malepati
https://www.anoopcnair.com/zero-touch-enrolment-in-intune/
The security baselines for M365 apps have been updated. Find out more about the updates and how to deploy them in this post from Jitesh Kumar
https://www.anoopcnair.com/update-security-baselines-for-microsoft-365-apps-intune/
Next, John Marcum shows how to set device categories automatically using Azure automation and an app reg
https://www.powerstacks.com/automatically-categorize-intune-devices/
If you want to enrol a Linux device into Intune, follow this excellent guide from Jatin Makhija
https://cloudinfra.net/how-to-enroll-a-linux-device-in-intune/
This post from Kenneth van Surksum has some excellent tips, tricks and best practices when packaging your applications for Intune
https://www.vansurksum.com/2023/11/16/microsoft-intune-application-deployment-best-practices/
Ugur Koc has released some scripts and instructions for renaming macOS and Linux devices using Intune here
https://ugurkoc.de/rename-linux-and-macos-devices-in-intune/
For those of you managing macOS devices, you can now deploy network drives to them via Intune with this excellent script from Oktay Sari
https://allthingscloud.blog/deploy-network-drive-mappings-on-macos-with-microsoft-intune/
Video Content
Now onto the video content starting with three videos from Steven Weiner, the first showing how to deploy LAPS in Intune
The second video runs through using the excellent Graph X-Ray tool to find the PowerShell Graph commandlets for commands within the UI
The third runs through how to configure SCEPman for certifcate deployment
This video from Craig Camacho shows how to restrict what users can see in control panel using Intune
You can now hibernate your AVD hosts! Find out how with Dean Cefola
Have a look at declarative device management for macOS in this video from Dean Ellerby
A quick run through of all of the Ignite updates in this video from Anoop Nair
Microsoft Content
Learn about linking BitLocker and compliance policies in this article from the Intune support team.
Find out how to use PowerBi to supercharge your Windows Update for Business reports here with Aakanksha Saxena
The latest skilling snack is now live and covers all things application control from Jeffrey Sutherland and Jordan Geurten
Now, Ignite news!!
Here are the main announcements from Stefan Kinnestrand
Now we can dig further into each:
- Information about security copilot from Shravana Mukherjee and Lavanya Lakshmanhttps://www.linkedin.com/in/lavanyalakshman/ (how exciting is this!)
- Intune Advanced Analytics from Zach Dvorak and Shravana Mukherjee
- Intune Enterprise App Management from Danny Guillory Jr and Shravana Mukherjee
- A look at all of the new features now live in Intune from Lior Bela
- Cloud PKI!!!!! This one from Katerina Athanasiou and Bill Calero
- New additions to Microsoft Autopatch from Diana Hoffman
What’s New in Windows Autopatch: Microsoft Ignite 2023 Edition | Windows IT Pro Blog
- You can now enrol a testing VM into Intune for use with Test Base. This one from Tina Chen
- New additions to Universal print from Robert Cunningham
That’s it for this week (as if that wasn’t more than enough!), have a great weekend!!