Welcome to this weeks exciting Intune news, this community never stops!
Community Content
We start with the third part of the cloud PKI series from Maxime Guillemin, this one looks at deploying cross-tenant
https://cloudflow.be/certificate-based-authentication-with-microsoft-cloud-pki-part-3
You may have some applications which require additional permissions, or want to add users of them to EPM rules without opening the door to everyone. Fortunately, Damien Van Robaeys has a script here to automatically add users to groups when an app is installed
https://www.systanddeploy.com/2024/07/automatically-add-device-to-entra-id.html
If you want user SSO to on-prem resources but still using PIN login, check out this guide from Shehan Perera
https://emsroute.com/2024/07/02/cloud-kerberos-trust-whfb-01
Joery Van den Bosch also looks at Kerberos trust for SSO including mapping your drives using Intune
https://intunestuff.com/2024/07/02/cloud-kerberos-trust-wfhb-intune
Corporate Identifiers have returned to Autopilot v2. Learn about what they do in this post from Peter van der Woude
https://www.petervanderwoude.nl/post/understanding-corporate-identifiers-for-windows-devices
Next, Michael Meier uses automation to create device categories based on device information retreieved from the Intune inventory
https://mikemdm.de/2024/06/30/automatically-set-intune-device-categories-based-on-inventory-data
This post from Rahul Jindal looks at remote help with full control for macOS and how to use Conditional Access to protect it
https://rahuljindalmyit.blogspot.com/2024/06/microsoft-remote-help-native-app-with.html
If you are hitting errors when trying to elevate command prompt via EPM, check out this debug (and fix) from Rudy Ooms
https://call4cloud.nl/2024/07/epm-error-0x8007010b-the-debugging-game
Learn all about the advantages of using the Managed Home screen for your mobile devices here with Thomas Marcussen
https://blog.thomasmarcussen.com/managed-home-screen-what-your-should-know
If you still rely on device names and are considering APv2, Nick Benton looks at your options here
https://memv.ennbee.uk/posts/windows-autopilot-v2-renaming
If you couldn’t make it to Mr T-Bone‘s session at Workplace Ninja’s UK, or want a refresher, here is the guide for passwordless onboarding with Autopilot
https://www.tbone.se/2024/07/04/passwordless-onboarding-with-autopilot
If you want to use Windows 365 with your own VNET, follow this guide from Jan Mulder
https://wolkenman.wordpress.com/2024/07/04/windows-365-azure-network-connection-anc
Video Content
Now onto the video content, starting with three videos from Steve Weiner.
The first two continue the Conditional Access series looking at the difference between managed and unmanaged devices when configuring your policies
In the third part, Steve looks at configuring conditional access for Windows application protection (MAM)
Steve then looks at using provisioning packages to rapidly on-board to Autopilot device prep including skipping some of the OOBE screens
Next, find out what’s new in the 2406 release of Intune with Nickolaj Andersen, Mattias Melkersen Kalvåg and Peter van der Woude
This video from Chander Mani Pandey runs through using Corporate Device Identifiers in Autopilot V2
Microsoft Content
Onto the Microsoft content, starting with a known issue when enabling filevault during device provisioning from the Intune Support Team
There is also a change for anyone using autopilot for existing devices, check it out here, also from the Intune Support Team
Learn all about corporate identifiers here from Madison Holdaas
That’s it for this week, have a lovely weekend!