Community Content
We start this week with a remediation to remove Quick Assist from your corporate devices from Martin Bengtsson
Next, Peter van der Woude looks at all of the available security options available when dealing with personally owned Windows devices
Damien Van Robaeys has released the latest part of the Log Analytics getting started guide. This one demonstrates how to access Log Analytics queries from inside Azure runbooks
https://www.systanddeploy.com/2024/05/starting-with-log-analytics-part-9.html
If you need your devices fully updated at the end of Autopilot, try this script from Pavel Mirochnitchenko
https://www.linkedin.com/pulse/patching-windows-during-autopilot-pavel-mirochnitchenko-cglof
Michael Meier has the next part of the config as code series, this one showing how to deploy App Control for Business XML policies using Azure DevOps
For those starting the cloud native journey, this post from Jannik Reinhard is well worth checking out with some useful tips to get started
https://jannikreinhard.com/2024/05/19/cloud-native-endpoint-deployment
If you have been following the other posts from Nick Benton, this final part merges it all into one script to rule them all. If you haven’t read the previous posts, start with the first one to understand what this script achieves
https://memv.ennbee.uk/posts/windows-11-risk-based-deployment-part4
Config Refresh is coming soon to Intune, this post from Shehan Perera compares the refresh cycles between the existing functionality and the new option
https://emsroute.com/2024/05/22/policy-configs
If you saw the news about config refresh, but wonder why it isn’t working for you yet, check out this post from Rudy Ooms
https://call4cloud.nl/2024/05/nobody-makes-me-config-refresh-my-own-provider-nobody
Rudy also looks at the recently announced Autopilot Device Preparation (v2), official announcement below
https://call4cloud.nl/2024/05/autopilot-device-preparation-first-contact
Next, Niklas Tinner runs through end-to-end macOS enrollment using Intune
https://oceanleaf.ch/kickstart-macos-management
Also on the macOS theme, Florian Salzmann looks at how to use Platform SSO with Chrome
https://scloud.work/macos-google-chrome-single-sign-on-sso-entra-id
If you’re brave enough to attempt Hybrid Autopilot, try this guide from Joery Van den Bosch (and good luck!)
For those of you migrating to Proxmox, Niels Kok shows how you can enrol your VMs into Autopilot
https://www.nielskok.tech/intune/windows-autopilot-test-in-proxmox
Learn how to encrypt your email with cloud PKI in this post from Gerry Hampson
https://gerryhampsoncm.blogspot.com/2024/05/secure-email-with-intune-cloud-pki-in.html
Learn how to use Entra Private access to connect to Azure File Shares here with Peter Klapwijk
https://www.inthecloud247.com/connect-to-azure-file-shares-with-microsoft-entra-private-access
Video Content
Onto the video content, starting with some sandbox fun from Steve Weiner, starting with a look at customizing it using PowerShell
Steve then looks at the run in sandbox tool to quickly launch apps in your newly customized sandbox environment
Steve also has a new podcast episode, this one interviewing Michael Niehaus to discuss all things Autopilot
Steve has had a busy week, this video covers mapping drives on cloud native devices
Next, Dean Ellerby looks at how Robopack can help with your application management and patching
Andy Jones looks at the new Android Device Staging functionality (read more in the Microsoft content below)
This video from Chander Mani Pandey covers enrolling Linux devices and the .toml file it uses
Microsoft Content
We have a lot of exciting announcements from Microsoft this week as well starting with a look at zero trust enrollment of macOS devices into MDE using Intune from Arnab Mitra
There is a new step available for Android enrollment to let vendors and third parties do the initial profile enrollment using “device staging”. Find out more here from Akriti Srivastava
A very popular announcement, you can now deploy feature update policies as optional so users can decide when to update. Learn more here from Surabhi Calla
Organizational Messages are moving to the M356 portal as covered here by the Intune support team
Another very exciting announcement, Autopilot V2. This is well worth checking out, thanks to Lior Bela, Maggie Dakeva, Juanita Baptiste and Ele Ocholi
This post from Lior Bela, Priya Ravichandran and Abigail Stein covers using Intune to manage shared devices
You can now view Bitlocker recovery keys in the company portal website. Find out more here from Aasawari Navathe
Find out what’s new in the latest 2405 release with Scott Sawyer
That’s all for this week (as if that’s not enough), plus of course Windows on Arm which I am looking forward to testing! Have a great weekend