The end of the school holidays approaches quickly and the routine will soon begin again. I’m having a final week off to make the most of it before flying to Dortmund next week for the Cloud Identity Summit
It’s been a busy week for Intune this week with a lot of content for you to enjoy!
Community Content
We start this week with the sixth part of the app control series from Patrick Seltmann, this one covering why you should sign your policies for added protection
Mastering App Control for Business | Part 6: Sign, apply and remove signed policies
Whilst not strictly Intune related, this excellent new AI app from Jannik Reinhard is worth looking at to elevate your document management
Document Manager: Using Azure AI Foundry or OpenAI for my paperless office
You definitely don’t want users adding personal OneDrive accounts to their corporate devices, that’s asking for a data leak. Learn how to block the message prompting them to do just that in this post from Peter van der Woude
Managing the usage of personal Microsoft accounts in the OneDrive app
If you are licensed for EPM either individually, or via a suite license, here are some excellent tips for managing elevation on system configurations from Michael Meier
Maksymilian Olowski has created a new tool here to explain the output of dsregcmd to help with troubleshooting
Conditional access is critical for a secure environment, but often not given the attention it deserves. Here is an excellent guide from Shehan Perera to ensure you are securing your tenant properly
From Blind Spots to Control: Governing Conditional Access Policies
If for any reason you need to offboard a device from MDE using Intune, try this guide from Rahul Jindal
https://rahuljindalmyit.blogspot.com/2025/08/defender-offboarding-using-intune-edr.html
After a brief introduction and then rapid removal, quality updates are back during OOBE and you can now manage if you want them or not via Intune (for APv1). Learn more here from Mads Johansen
https://evil365.com/intune/QualityUpdates-During-AutopilotEnrollment/
If you want an overall picture of all security settings across the various portals, try effective settings in the MDE portal as covered here by Anthony Porter
https://securingm365.com/defenderxdr/defenderendpoint/effectivesettings/
This is one I see asked a lot, how can timezones be set automatically with a global workforce (especially in countries with multiple timezones). Here is a script from Florian Salzmann to do just that!
https://scloud.work/automatically-set-the-time-zone-in-intune-autopilot/
Windows Backup for Organisations is now GA (official announcement in the Microsoft content below). Learn how to configure it (including the requirements) in this post from Joery Van den Bosch
Next, Michael Frank looks at using PSADT for application deployment
https://michaelsendpoint.com/intune/PSAppDeployToolkit.html
An excellent new utility from Sandy Zeng, upload two policy files and compare them easily
Ewelina Paczkowska continues a deep dive into Conditional Access, this one looks at Restricted Units, Named Locations, Service Principals and a lot more, well worth checking out!
RDP Multipath is here for AVD, learn how to enable it in this post from Alex Durrant
RDP Multipath: Finally, Some Relief for Those Dodgy AVD Connections!
Video Content
Now for the video content, starting with a couple of SCCM tutorials from Dean Ellerby, the first covering boundaries and sites
The second covers configuring your distribution point
Dean also has a third video showing how to manually add your MacOS devices to ABM using configurator
Learn how to use CA to stop risky users from adding MFA in this video from Jonathan Edwards
The latest Windows 365 AMA is now live featuring Christian Montoya, Donna Ryan, Andrej Radinger and Logan Silliman
Next, Steve Weiner looks at the new device protection added to multi-admin approval
Microsoft Content
Onto this weeks Microsoft content, starting with the official announcement for quality updates during OOBE from Victoria Wang
Next, Stefan Kinnestrand looks at the vision for DaaS and how all of the Microsoft products tie together to make one ecosystem
We also have the official announcement of Windows Backup for Organizations from Miranda Leschke
Saurabh Sarkar covers some kiosk use cases and how to configure them with Intune here
That’s all for this week. Have a great weekend and if you’re in Dortmund next week, stop by and say hi (I’ll be at or around the Software Central/Robopack booth)