Happy New Year everyone and welcome to the first Intune Newsletter of the year!
Community Content
We start this week with a look at MDE, how to ensure it is updated, how to monitor it and how to be notifiied if there are issues from Will Francillette
https://www.french365connection.co.uk/post/mde-keeping-your-antivirus-up-to-date-deep-dive
Next, Thomas Marcussen looks at the advantages of using Windows 365 for your legacy applications
https://blog.thomasmarcussen.com/run-legacy-applications-with-ease-using-windows-365/
If you have a lot of service principals in your tenant, this script from Niels Kok will quickly show you what permissions they all have
https://www.nielskok.tech/entra-id/view-api-permissions-for-all-service-principals/
If you want to improve the speed of first login, learn how to disable the user ESP section and first login animations here with Niklas Rast
We have a second post from Niklas showing how to enable SSPR on the Windows lockscreen
Rudy Ooms has again been disassembling Windows and Intune, this time testing the new Support Approved option for EPM. Follow the instructions if you want to test this yourself, but only on a test device please!
https://call4cloud.nl/2024/01/epm-and-the-flights-of-support-approved/
This post from Oktay Sari looks at all of the available app deployment options within Intune for macOS devices
https://allthingscloud.blog/macos-app-deployment-with-microsoft-intune/
Niall Brady and Paul Winstanley have released the second part of their series covering automating Windows 365. This one looks at using the Graph X-Ray browser plugin
https://www.niallbrady.com/2023/12/30/automating-windows-365-part-2-using-graph-x-ray/
Now we have two posts from Somesh Pathak starting with a look at how Platform SSO for macOS can enable on-demand account creation on login
https://www.intuneirl.com/taking-platform-sso-to-the-next-level-create-new-user-at-login/
The second post from Somesh is part 6 of the series on Apple device management, this one looking at Apple Identity and SSO
https://www.intuneirl.com/apple-identity-services-sso/
This post from Dominiek Verham shows how to use Defender for Endpoint to proctect your Windows 365 devices
https://techlab.blog/protecting-windows-365-cloud-pcs-with-microsoft-defender-for-endpoint/
Gannon Novak has released a useful script here to configure MAM for Android and iOS automatically!
https://smbtothecloud.com/configure-mam-for-ios-android-with-one-script/
Personal devices are a necessary evil, but you really need to make sure your data is protected. Follow this guide from Tom Machado to see how Conditional Access can help
https://poemtomdm.fr/2024/01/03/corporate-data-on-personal-devices-conditional-access-can-help-you/
If you are seeing errors when deploying firmware to Zebra devices, this post from Timmy Andersson has the answer!
Michael Meier has released the next part of the series on custom inventory data, this one making improvements to a script from Ugur Kok to add custom macOS inventory data into PowerBi using Function Apps
https://mikemdm.de/2023/12/31/custom-macos-client-inventory-data-reporting-series-part-5/
Jeroen Burgerhout has released a remediation to remove the Dev Home app from Win 11 23H2
https://www.burgerhout.org/remove-the-dev-home-app-with-intune/
If you’re automating in a single tenant environment, using managed identities is the more secure way to authenticate. Learn how to configure and use them in this post from Torbjorn (Mr T-Bone) Granheden
https://www.tbone.se/2024/01/04/create-a-managed-identity-to-automate-intune-tasks/
Most of us use virtual machines for testing, but sometimes that can be a problem when you have device compliance policies, especially when linked to Conditional Access. If this sounds familiar, this post from Joey Verlinden should help!
https://www.joeyverlinden.com/device-compliance-for-your-virtual-machines/
Next, Peter Klapwijk digs into an error found when configuring Entra ID Connect and how to resolve it
https://www.inthecloud247.com/azure-ad-connect-setup-error/
Jorge Suarez has released a PowerShell script to help with app detection for Intune, worth checking out!
https://www.jorgeasaur.us/streamlining-application-detection-in-intune-and-mecm-with-powershell/
Video Content
We start the video content this week with two exclusives from Andy Malone and special guest Jeremy Chapman. The first looks at the new features coming to Intune
The second exclusive from Andy and Jeremy covers Global Secure Access for Entra
Next, Arif Nazari runs through packaging applications for Intune using PSADT
Edijs Perkums and Toms Knostenbergs have released their second video of the new series, this one covers packaging VLC with updates disabled.
We now have two videos from Steven Weiner, the first covers using Intune and Autopilot to customize your Windows 11 builds
Steve’s second post demonstrates how to use the Winget-CLI to package and deploy applications.
Steve also has episode 5 of the new podcast, this one looking at starting out with Intune and features Jesse Weimer
That’s it for this week, have a great weekend!!