Happy Friday! This weeks MVP Summit special newsletter comes to you directly from Microsoft HQ in Redmond and due to the joys of jet-lag have been written at some wild times in the mornings! I have met many fantastic people this week both from the community and from Microsoft, thanks to everyone involved.
Community Content
We start this week with some excellent scripts from Torbjorn (Mr T-Bone) Granheden to both deploy the new Teams client as a Win32 app, but also clean-up any versions of the old MSI version
https://www.tbone.se/2024/03/13/deploy-new-teams-with-intune/
Next, Dominiek Verham looks at the experience when connecting to a cloud PC using a thin client machine
https://techlab.blog/using-thin-clients-to-connect-to-w365-or-avd/
If you are managing macOS devices, you may have noticed that Settings Catalog doesn’t include options for Google Chrome. Fortunately, Salona Sahni has a guide here for configuring it using a preference file
Salona has also released part 10 of the MDE series which covers testing your newly created environment and configuration
https://www.cubicsolutions.de/mde-series-part-10-microsoft-defender-for-endpoint-testground/
In case you haven’t heard, there is new AI technology which is proving quite popular. In this post, Somesh Pathak creates an AI agent connected to Intune to handle user queries
Never let your Apple certificates expire, some will be particularly painful! To generate alerts in Teams when they are due for renewal, read this guide from Arno van Dijk
Tugay Taskin has released an update to the excellent Setup Packager tool which can take an app setup file and wrap it into an Intunewin using PSADT. Check it out below
https://blog.tugi.ch/scripts-and-tools/setup-packager-for-intune
If you manage multiple tenants, or even just configure them for customers, you may have a selection of Firewall rules which are re-used over and over again. If this sounds familiar, have a look at these scripts from Nick Benton to generate reusable firewall settings via PowerShell
https://memv.ennbee.uk/posts/resusable-firewall-settings-microsoft-online/
Niklas Tinner looks at all things EPM here, what it does, how to configure it and how it works
https://oceanleaf.ch/endpoint-privilege-management/
Niklas also looks at how to work around the current EPM restriction to allow it for files other than .exe
https://niklastinner.medium.com/intune-epm-enable-for-all-app-types-a5856539bbe6
For those of you just starting your Intune journey, Claus Blaabjerg Hansen has released the third part of this series, this one covering enrolling your first Autopilot device
Whilst in an ideal world everything would live in the cloud, there are still times where you need to access on-prem resources. As a VPN alternative, Entra Private Access is well worth checking out as covered here by Tim Beer
Damien Van Robaeys has released part 5 of the excellent Logic Apps getting started guide, this one looks at authenticating to Graph using a user-assigned managed identity
https://www.systanddeploy.com/2024/03/getting-started-with-logic-apps-part-5.html
If you want to create your own Intune CoPilot (and who doesn’t!), follow this guide from Jannik Reinhard and you’ll be up and running in no time!
https://jannikreinhard.com/2024/03/10/create-your-own-intune-co-pilot-using-copilot-studio/
Next, Shehan Perera looks at how you can use Group Policy Analytics within Intune to help you on your cloud native journey
https://emsroute.com/2024/03/09/gpanalytics/
If you are using AVD for BYOD, you will no doubt want to disable clipboard transfer. To help you quickly set this up, Sander Rozemuller shows you how to automate it in this post
https://www.rozemuller.com/configure-avd-clipboard-transfer-direction-automated/
Next, Michael Niehaus does some detective work to see if you can find the content of an ESD file without having to download the whole thing
https://oofhours.com/2024/03/09/whats-actually-in-a-wim-or-esd-file/
Manish Bangia looks at device configuration workloads between SCCM, GPO and Intune, which wins and how to troubleshoot
https://www.manishbangia.com/device-configuration-workload-for-mdm-policy-and-sccm-co-management/
Next, Daniel Bradley has released a useful tool to find the tenant ID from the tenant domain without needing access
https://ourcloudnetwork.com/how-to-a-find-microsoft-365-tenant-id-without-tenant-access/
Intune platform scripts can be a black hole, once uploaded you can’t see what’s inside them unlike remediations. Fortunately Brad Wyatt has a script here to retrieve them and either display inline or export to a folder
Video Content
Now onto the video content with many many videos from Steven Weiner 🙂
We start with a fix for anyone struggling to exclude Intune Enrollment from Conditional Access policies
Next, Steve looks at how to use Entra Access packages to give your users access to a licensed Windows 365 cloud PC
If you are using the Autopilot branding script, learn how to change it without having to re-package as a Win32 app each time.
We also have the latest intune.training video featuring Adam Gross and Steven Hosking. This video looks at device configuration policies
Microsoft Content
And on to the Microsoft content with the exciting release of Copilot for Intune from Stefan Kinnestrand
That’s all for this week, have a fabulous weekend and for those travelling back from the summit, a very safe journey!