Intune Newsletter – 2nd February 2024

Welcome to this weeks newsletter, your place to catch up on all things Intune, Entra and more! It’s a bumper one this week with lots of Intune suite news.

Community Content

We start this week with a look at another new Windows 365 feature in public preview, this time it’s shared mode for Win365 boot from Dominiek Verham

https://techlab.blog/windows-365-boot-shared-mode/

Dominiek also looks at the other preview functionality, dedicated mode

https://techlab.blog/windows-365-boot-dedicated-mode/


Next, Peter van der Woude looks at IME logs, what’s in them and how to work with them

https://www.petervanderwoude.nl/post/getting-familiar-with-the-intune-management-extension-log-files/


Niall Brady and Paul Winstanley have added a new post in their series covering Windows 365, this one looking at dedicated boot

https://www.niallbrady.com/2024/01/29/a-quick-look-at-windows-365-boot-dedicated-mode/


You may have noticed it is difficult to deploy desktop shortcuts to Windows store apps (Appx and MSIX), Florian Salzmann has a script here to sort that for you!

https://scloud.work/create-desktop-shortcuts-for-windows-apps/


If you are considering security baselines, or haven’t yet deployed them, this post from Shehan Perera is well worth checking out

https://emsroute.com/2024/01/27/intune-security-baseline-1/

Shehan has also written this helpful post to rapidly onboard devices into MDE

https://emsroute.com/2024/02/01/managed-by-mde-01/

A third post from Shehan, this time looking at Enterprise app management

https://emsroute.com/2024/02/02/microsoft-intune-enterprise-app-catalog-is-here/


If you’re having any autopilot issues, it could be a Windows update as covered here by Michael Niehaus

https://oofhours.com/2024/01/26/autopilot-randomly-not-working-perhaps-kb5033055-is-to-blame/

We have a second post from Michael with an update to the excellent Autopilot branding script

https://oofhours.com/2024/01/31/autopilot-branding-app-improvements/


The latest Windows 11 build can automatically create an account for LAPS to save scripts or policies which error. If you want to disable it, follow this guide from Daniel Bradley

https://ourcloudnetwork.com/how-to-enable-automatic-account-creation-with-laps-in-intune/

We have a second post from Daniel this week showing how to deploy apps with the new Enterprise App Management which has gone GA for those with Intune Suite

https://ourcloudnetwork.com/how-to-deploy-apps-from-the-enterprise-app-catalog-in-intune/


Michael Meier also looks at the new Enterprise App catalog functionality here

https://mikemdm.de/2024/02/01/enterprise-app-catalog-now-available-in-intune-suite/


If you’re managing macOS devices, the Mac Evaluation Utility could prove useful as described here by Somesh Pathak

https://www.intuneirl.com/uncover-the-secrets-of-appleseed-part-iii-mastering-the-tools/


Thomas Marcussen has found an issue with another windows update which could cause issues with SSO

https://blog.thomasmarcussen.com/user-is-required-to-permit-sso-windows-11/


Jannik Reinhard has been experimenting with device enrollment and has potential found a way to re-enrol them without needing to wipe

https://jannikreinhard.com/2024/01/29/reenrol-devices-without-wipe/


If you have users who need to RDP into their machines, but don’t want to allow others to do so, have a look at this script from Jörgen Nilsson

https://ccmexec.com/2024/01/enable-rdp-access-only-to-the-enrolled-by-user-in-windows-using-intune/

https://ccmexec.com/2024/01/enable-rdp-access-only-to-the-enrolled-by-user-in-windows-using-intune/


With the release of the LAPS account creation in the latest canary builds, Rudy Ooms has gone digging to find out how it all works, many flow charts within…

https://call4cloud.nl/2024/01/windows-laps-under-the-hood-automatic-account-management/

Rudy also has a deep dive into the new Device Query functionality to see how it all works here

https://call4cloud.nl/2024/02/device-query-a-mad-max-feature/

A third post from Rudy, this time troubleshooting device query

https://call4cloud.nl/2024/02/five-push-notifications-at-device-query/


If you’re one of those with issues installing Windows updates due to recovery partition sizes, Nick Benton has instructions here on how to fix it using remediations

https://memv.ennbee.uk/posts/winre-parition-resize-kb5034441/


Learn how to use Group Policy Analytics to assist in your cloud migration in this post from Niklas Rast

https://niklasrast.com/2024/02/01/transitioning-from-group-policy-objects-to-intune-configuration-profiles-a-modern-approach-to-client-management/


We also have Device Query now in GA for Intune suite users which may look familiar to those who use (or used) CMPivot. Learn all about it here from Chris Hudson

https://www.threesixtythrive365.com/post/intune-device-query-intune-advanced-analytics


Joost Gelijsteen also tests the new Device Query functionality in this post

https://joostgelijsteen.com/intune-device-query/


If you allow BYOD, MAM is essential to protecting your data. This post from Tom Machado runs through configuring it and the end user experience

https://poemtomdm.fr/2024/02/01/intune-mam-policies-the-key-to-protecting-data-on-unmanaged-devices/


Learn how to deploy power plans using remediations in this post from Trevor Jones

https://smsagent.blog/2024/02/01/deploying-a-custom-power-plan-with-intune-remediations/


The latest insider build also includes support for Config Refresh. This post from Nicklas Olsen shows how to configure it

https://www.learnintune.net/config-refresh/


Next, Peter Klapwijk has a script to automatically set the time zone during Autopilot OOBE

https://www.inthecloud247.com/automatically-configure-the-time-zone-during-autopilot-enrollment/


With the many new releases for the Intune suite, Niklas Tinner runs through exactly what is included now

https://oceanleaf.ch/unboxing-the-intune-suite/


Video Content

Now onto the video content, starting with a look at how to handle conflicts when using Apple Business Manager federation from Dean Ellerby

https://www.youtube.com/watch?v=mYZyjxSjNmY


Next, Steven Weiner extends the series looking at the PowerShell SDK, this one covering invoking web requests.

https://www.youtube.com/watch?v=ccwqYg4NxUM

Steve’s second video shows how to make a POST call in Graph to create items within Intune/Entra

https://www.youtube.com/watch?v=C2ldqZD8JXI&feature=youtu.be

Putting everything learned from the previous videos together, Steve demonstrates how to use these new skills to create a script to cleanup primary users

https://www.youtube.com/watch?v=DgZhzjHBzik

Steve is joined by Dominick Fidotta to discuss Intune macOS management in the latest podcast

https://www.youtube.com/watch?v=Xti6-6KrWQ8


The latest unpacking endpoint management episode is here featuring Clay Taylor, Rachelle Blanchard, Steve Thomas and Danny Guillory Jr. This one covers zero trust, the secure future initiative and more

https://www.youtube.com/watch?v=Dvh04dXiuBU


Niklas Tinner has released the next episode of the Win365 starter series, this one covers reporting and remote actions from the Intune console

https://www.youtube.com/watch?v=aNxTOgfRzWI


The latest intune.training video is here, this one covers device compliance with Adam Gross and Steven Hosking

https://www.youtube.com/watch?v=GFfiPz3B638


Chander Mani Pandey looks at the Enterprise App Management functionality in this video

https://www.youtube.com/watch?v=KmuCQZW4qSY


As we have seen, lots of new Intune Suite features have gone GA so the Windows IT Pro team have released videos explaining them all:

Tunnel for MAM

https://www.youtube.com/watch?v=-s_tBW_XQu0

Enterprise app management:

https://www.youtube.com/watch?v=8GMGiDxyFg0

Advanced Analytics

https://www.youtube.com/watch?v=DSMCkPLiMac

EPM

https://www.youtube.com/watch?v=N3X2JGdXqDE

Management of speciality devices

https://www.youtube.com/watch?v=YTNuKXIni38

Remote help:

https://www.youtube.com/watch?v=jxzoU7qYRZ8

Cloud PKI:

https://www.youtube.com/watch?v=wJfL55viYjg

Also a Microsoft mechanics video on the whole suite

https://www.youtube.com/watch?v=FLcX9-uXlKY


Microsoft Content

We start the Microsoft content this week with some best practice recommendations when starting your device cloud journey from Jason Roszak

https://www.microsoft.com/en-us/microsoft-365/blog/2024/01/29/best-practices-in-moving-to-cloud-native-endpoint-management/


You can now run a report on expedited update readiness in Graph, find out more here with Surabhi Calla

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/device-readiness-checks-for-expedited-windows-quality-updates/ba-p/4043941


That’s it for this week, have an amazing weekend and to those of you attending the Workplace Ninja UK meetup next week, I’ll see you there!

1 thought on “Intune Newsletter – 2nd February 2024”

Leave a Comment