Intune Newsletter – 10th May 2024

Welcome back to all of you who have been at MMS, I look forward to hearing the stories! I’ve even seen some posts this week written whilst there, that’s dedication!

We have had some big Microsoft announcements in macOS management this week too, check them out below

Community Content

Quick off the mark this week is Somesh Pathak with a number of posts looking at the new macOS functionality, starting with a deep dive into Platform SSO and troubleshooting steps:

Next, Somesh looks at how secure enclave works with platform SSO to secure your devices

The third post from Somesh includes a script to create a comprehensive application inventory of your macOS devices

With passkeys now in private preview, learn all about them and how to implement them here with Jonas Bøgvad

Next, Torbjorn (Mr T-Bone) Granheden looks at how you can use Entra Global Secure access to provide zero trust access to on-prem resources for your remote workers

Now for three deep dives from Rudy Ooms, the first looking at exactly what’s happening during the “Registering your device for mobile management” phase in ESP

If your enterprise activation has broken due to a new KB, check out the fixes in Rudy’s second post

Another troubleshooting special, for anyone struggling to install the EPM agent on hybrid devices, this post has you covered

This post from Niklas Tinner is an excellent overview of Intune macOS capabilities and what is coming soon

Jon Towles has another excellent blog series, this one covering best practices for Windows 11. The first installment covers onboarding devices

Next, Nick Benton has the third part of the series covering Windows 11 phased deployment based on risk, this one covering the feature update policies

We have a second post from Nick this week, this one looks at configuring Chrome with platform SSO on macOS

Graph is an incredibly powerful tool and one I think all Intune and Entra admins should know (I’ve even heard there is a book on it!). Once you get into larger tenants, you may start hitting throttling though. This post from Sander Rozemuller looks at your options

For a smooth transition from 32-bit to 64-bit office, try this approach from Daniel Gebler using PSADT and ODT

Damien Van Robaeys has created a new dashboard, this one to display if your Lenovo devices are running a current BIOS version

This post from Peter Klapwijk includes a useful logic app to alert users when their device is out of date

Direct from MMS, Simon Skotheimsvik runs through how to retrieve scripts uploaded to Intune

Next, Ola Ström looks at some tips and tricks when using the Intune console

Learn how to use web based enrollment for iOS here with Jonathan Lefebvre

Niall Brady continues the excellent series on user-provisioned device cleaning for purchasing themselves. This one includes scripts and azure functions for logging and a look at the full process

Whilst your cloud PCs are often easier to manage, they still need some TLC now and again. Learn all about using cloud PC maintenance windows here with Dominiek Verham

If you’re hitting an error with a large site-to-zone policy, you can find your answer here from Mads Johansen

Video Content

Now onto the video content, starting with many videos from Steven Weiner starting with a look at how to use Azure automation with PowerShell to run scripts from your device without needing to share app reg secrets.

Steve’s second video shows how to use toast notifications on first boot after Autopilot to send users to company portal–HGI

If you need to detect whether your device is still in OOBE, follow this video

Steve’s final video this week demonstrates configuring and using Windows 365 boot

Plus part two

This excellent video from Rachelle Blanchard, Mabel Gomes, Santoshi Kandula looks at all things Graph for Windows and Intune including the product lifecycle

The one you’ve all been waiting for, platform SSO for macOS is here…

The Log Analytics agent is being deprecated soon. If you’re using it in your AVD configuration, follow this video from Dean Cefola to update your environment

You can now upload directly to Intune from Master Packager as demonstrated in this video

Microsoft Content

A lot of excitement around this one, learn all about platform SSO for macOS direct from the main source for all Intune and macOS news, Lior Bela

Lior also has news on device attestation for mobile devices (some selected ones initially)

That’s it for this week, have a great weekend!

Leave a Comment