It was great to meet some of you in Oslo this week and hopefully more of you in Edinburgh early next week. This incredible community has still found time to get some exciting content out for you though.
Community Content
We start this week with an excellent new script from Niels Kok to quickly check if you have drift between policy settings on your managed tenants
Another week, another browser extension run-through from Peter van der Woude, this time the Defender Browser Protection extension for Chrome
Getting started with the Microsoft Defender Browser Protection extension for Google Chrome
Shehan Perera has the second part of the cloud endpoints series, this time looking at some of the reasons organizations are hybrid joining devices
2. Cloud Native Endpoints: Why are You on Entra Hybrid Joined Today?
And part three, looking at planning your migration
Learn how to use MDE to rapidly block unwanted apps, but with the all-important over-ride for your VIPs in this post from Dustin Gullett
Dustin also covers how adding personal data encryption on-top of BitLocker helps further secure your data, how to consider it and what happens if someone tries to bypass it
Getting a fresh start menu onto new devices is a more painful process on Windows 11 involving a start2.bin file. If you want to deploy to your users during OOBE but without having to deploy files, check out this post from Sander Rozemuller
https://rozemuller.com/deploy-initial-start-menu-during-intune-enrollment-without-files/
Next, Thomas Marcussen looks at using indicators in MDE
For those of you in the EU, if you’re tired of the SSO prompt for Microsoft apps, Torbjorn (Mr T-Bone) Granheden has a solution for you
Central Accept Of “Continue to Sign In” Dialog Deployed With Intune
If you are using WOW6432Node hard-coded in your detection rules, you might want to give this post from Jeff Pollock a read
Always as the forefront of macOS news, Somesh Pathak looks at the new features announced in WWDC25, especially an easy way to migrate MDM (ideally to Intune)
Tugay Taskin has update the Setup Packager tool to support PSADT4. If you haven’t used it before, check it out here
https://github.com/tugich/SetupPackagerIntune
Next, Michael Frank looks at all of the exciting features you get with Advanced Analytics (part of Intune Suite)
https://michaelsendpoint.com/intune/intune_suite/advanced_analytics.html
If you want to have the ability to block apps on macOS, there is an open source tool called Santa to help. Learn how to use it here from Tom Machado
Block macOS Unwanted Applications using Microsoft Intune and Santa
Video Content
Now for the video content, with another look at remediation scripts from Manish Bangia and how you can use them just to detect issues in the environment
Next, Chander Mani Pandey runs through a script to detect what is managing updates on a device
The first of two videos from Steve Weiner covers how to manage your new Windows 365 Link devices (the device itself) with Intune
Steve also continues looking at Endpoint security, this time looking at Attack Surface Reduction in particular
John Savill looks at the new QR code authentication for frontline workers, including how to configure it and how to login with it
Microsoft Content
Now for the Microsoft content starting with a look at using device control within MDE for macOS
Chris Tulip runs through the new RBAC functionality for Autopatch here
That’s all for this week, have an amazing weekend and I’ll see some of you in Edinburgh!