Another week, another load of amazing community content! Next weeks newsletter may be slightly delayed as I’ll be in Tallinn for the Cloud Technology Town Hall. If you are there, pop by and say hello!
A special gift this week. I am on the organizing panel for Workplace Ninjas UK and we are holding an event in Edinburgh in June with some truly excellent speakers. As a thank you for reading my ramblings each week, you can get 35% off the ticket price using the code “IntuneNewsletter“. Plus you get to meet me in person (optional, you can also avoid me).
Find out more and book tickets here:
Community Content
We start this week with an update to the excellent Deployment Editor from Tugay Taskin to test applications straight in Windows Sandbox and now supporting PSADT 4
Deployment Editor and Windows Sandbox – One-click testing of application deployments
Learn how to create and update iOS app provisioning profiles here from Anand P
https://www.cloudtekspace.com/post/updating-the-provisioning-profile-of-ios-apps-using-intune
If you’re having issues with the 24H2 feature update and happening to be running RSAT on these devices, check out the fix here from Mads Johansen
https://evil365.com/feature%20updates/24H2FeatureUpdate-Issue/
We now have two posts from Rudy Ooms, starting with some dll digging around dual enrollment and workplace join devices with some exciting flow-charts!
Rudy’s second post looks at how to enrol your tenants into MMP-C using the Rudy method
Next, Florian Salzmann looks at the new screenshot blocking functionality for MAM on iOS
https://scloud.work/finally-blocking-screenshots-in-mam-for-ios-ipados-%f0%9f%8e%89/
Dustin Gullett has part two of the Entra Private access series, this one covers deploying the app, stopping users from switching it off and then using conditional access to protect it all
https://www.getrubix.com/blog/exploring-microsoft-entra-private-access-part-2
If you use Hololens and want to see what’s inside the new security baseline, check out this post from Jesse Weimer
https://www.getrubix.com/blog/slappin-the-baseline
Quickly provision your Entra users with the magic of Graph by following this guide from Jóhannes Geir Kristjánsson
After updating a Windows 365 device to 24H2, the shutdown button may mysteriously re-appear which you really don’t want! Ola Ström shows how to hide it again here
Hide the shutdown button in Windows 365 after update to Win 11 24h2
Peter van der Woude covers how to enable tamper protection via Intune and what it can do on your Windows devices
Working with tamper protection on Windows devices to protect security settings
We have another excellent script from Ben Whitmore, this one can quickly generate Intune reports via Graph with a nice UI to select from and better still, you can automate it!
https://github.com/byteben/MEM/tree/main/Intune/Intune%20Reports/Get-IntuneReport
Next, Nick Benton covers the requirements for Bitlocker key rotation and the various ways to configure it
https://www.oddsandendpoints.co.uk/posts/bitlocker-key-rotation-requirements/
Rahul Jindal looks at enrolling iOS devices from another device here for environments which require certificates for enrollment
https://rahuljindalmyit.blogspot.com/2025/01/is-it-possible-to-enrol-device-in.html
If you need to keep your background images regularly updated, this automation from Gannon Novak will help you along
https://smbtothecloud.com/auto-rotate-background-lock-screen-images-with-az-automation-graph-api/
Some people have had issues with losing internet access after 24H2 upgrade. Harm Veenstra has a remediation script here to fix the issue
Fixing Windows 11 24H2 – No Internet Access Issue using PowerShell and Intune Remediation
Trevor Jones has been testing AI scripting abilities here to create a script to set the timezone during Autopilot
Harnessing AI in PowerShell: Create a TimeZone Script for Windows Autopilot with AI
Next, we have a remediation script from Niels Kok to install Hyper-V and then add the current user to the Hyper-V admins group
Install Hyper V and add current user to Hyper V administrators
This in-depth post from Oktay Sari covers MAM, URL protocols and ensuring your data does not leak, well worth a look!
https://allthingscloud.blog/ios-mam-policies-discovering-url-protocols-and-data-transfer-exceptions/
Video Content
Now for the video content, starting with a Windows 365 getting started guide from Steve Weiner
Next, Nickolaj Andersen, Mattias Melkersen Kalvåg and Peter van der Woude look at how to improve Windows update reporting
Secure your Windows 365 and AVD cloud PCs with these tips from Dean Cefola
Can Entra private access replace your traditional VPN? Dean Ellerby investigates here
The latest Windows in the cloud is here, looking at security best practices for your cloud machines with Christiaan Brinkhoff, Pratik Shah, Lavanya Kasarabada and David Bélanger
That’s all for this week, have a great weekend!