Welcome to another Intune newsletter filled with astounding content from this incredible community!
Community Content
We start this week with a look at the often underused filters with Joost Gelijsteen, the only way to exclude devices from user based assignments!
https://joostgelijsteen.com/filtering-youre-way-around
Next, Peter van der Woude looks at options when dealing with Windows BYOD (whilst avoiding enrolling them)
https://www.petervanderwoude.nl/post/working-with-personal-windows-devices
We now have two posts from Rahul Jindal, the first looking at how to use conditional launch with MAM and the end user experience
https://rahuljindalmyit.blogspot.com/2024/05/using-conditional-launch-in-intune-app.html
Rahul’s second post demonstrates how to give your macOS users access to Visio
https://rahuljindalmyit.blogspot.com/2024/05/microsoft-visio-for-macos.html
If you’re hitting issues with certificate connectors, this in-depth post from Joymalya Basu Roy has troubleshooting steps for you to follow
https://joymalya.com/intune-certificate-connector-certificate-expired
Michael Meier continues the config as code series, this one demonstrating how to create a custom OMA-URI WDAC policy in Azure Devops
https://mikemdm.de/2024/05/12/create-wdac-policy-in-azure-devops-config-as-a-code-part-3
If you are using Enterprise SSO and want to switch to Platform SSO, this post from Florian Salzmann will help make it a smooth transition and avoid 10002 errors
https://scloud.work/intune-assigment-error-10002-platform-sso
Florian also runs through using Platform SSO and Entra Join on your macOS devices
https://scloud.work/entra-join-platform-sso-for-macos-with-intune
To use LAPS, you (currently) need to create an admin account first. Learn the different ways of doing so in this post from Curtis Cannon
https://traversecloud.co.uk/create-local-accounts-on-managed-devices-with-intune
One of the key advantages of using Endpoint Security settings over standard config policies is that you can delegate access to the security team without letting them see everything. Follow this guide from Jan Mulder to see how to set up the permissions from within MDE
https://wolkenman.wordpress.com/2024/05/15/mde-intune-permissions
With the recent security risk from Quick Assist, Jan also has a remediation here to remove it
https://wolkenman.wordpress.com/2024/05/17/remove-quick-assist
Jon Towles has released the second part of the Windows 11 best practice series, this one covers your security policies
https://mobile-jon.com/2024/05/14/windows-11-best-practices-part-two-security
This post from Thomas Marcussen shows how to use Intune for the ultimate Apple Device management experience
https://blog.thomasmarcussen.com/enhancing-apple-device-management-with-microsoft-intune
If you need a bit of flex in your W365 frontline licensing, check out concurrency buffer as covered here by Dominiek Verham
https://techlab.blog/the-frontline-concurrency-buffer-explained
Niklas Tinner looks at using exclusions and access packages with Conditional Access to improve your security posture
https://niklastinner.medium.com/conditional-access-exclusion-management-ea1495fdd820
Video Content
Now onto the video content, starting with a demo of Platform SSO from Steven Weiner
If you’re using the excellent autopilot branding script but noticed an issue with the search icon, Steve has you covered in this second video
Steve also demonstrates how to use Windows Sandbox for app testing
Learn all about Copilot for Security from the Microsoft experts including some exciting demos, featuring Lavanya Lakshman, Mike Danoski, Zach Dvorak, Ravi Ashok and Amit Ghodke
Next, Dean Ellerby looks at the new Cloud version of Patch My PC
Next, Andy Jones runs through how to setup and use platform SSO for macOS
Microsoft Content
Now for the Microsoft content this week, starting with a look at how to protect your corporate data in Edge using conditional access and app protection from Santos Martinez
If you have Teams devices running as Device Admin, this is a must read from Tabish Javed
That’s all for this week, have an amazing weekend!