Intune Newsletter – 29th August 2025

The end of the school holidays approaches quickly and the routine will soon begin again.  I’m having a final week off to make the most of it before flying to Dortmund next week for the Cloud Identity Summit

It’s been a busy week for Intune this week with a lot of content for you to enjoy!


Community Content

We start this week with the sixth part of the app control series from Patrick Seltmann, this one covering why you should sign your policies for added protection

Mastering App Control for Business | Part 6: Sign, apply and remove signed policies


Whilst not strictly Intune related, this excellent new AI app from Jannik Reinhard is worth looking at to elevate your document management

Document Manager: Using Azure AI Foundry or OpenAI for my paperless office


You definitely don’t want users adding personal OneDrive accounts to their corporate devices, that’s asking for a data leak.  Learn how to block the message prompting them to do just that in this post from Peter van der Woude

Managing the usage of personal Microsoft accounts in the OneDrive app


If you are licensed for EPM either individually, or via a suite license, here are some excellent tips for managing elevation on system configurations from Michael Meier

Intune Endpoint Privilege Management tips and tricks


Maksymilian Olowski has created a new tool here to explain the output of dsregcmd to help with troubleshooting

https://www.intunediag.com/


Conditional access is critical for a secure environment, but often not given the attention it deserves.  Here is an excellent guide from Shehan Perera to ensure you are securing your tenant properly

From Blind Spots to Control: Governing Conditional Access Policies


If for any reason you need to offboard a device from MDE using Intune, try this guide from Rahul Jindal

https://rahuljindalmyit.blogspot.com/2025/08/defender-offboarding-using-intune-edr.html


After a brief introduction and then rapid removal, quality updates are back during OOBE and you can now manage if you want them or not via Intune (for APv1).  Learn more here from Mads Johansen

https://evil365.com/intune/QualityUpdates-During-AutopilotEnrollment/


If you want an overall picture of all security settings across the various portals, try effective settings in the MDE portal as covered here by Anthony Porter

https://securingm365.com/defenderxdr/defenderendpoint/effectivesettings/


This is one I see asked a lot, how can timezones be set automatically with a global workforce (especially in countries with multiple timezones).  Here is a script from Florian Salzmann to do just that!

https://scloud.work/automatically-set-the-time-zone-in-intune-autopilot/


Windows Backup for Organisations is now GA (official announcement in the Microsoft content below).  Learn how to configure it (including the requirements) in this post from Joery Van den Bosch

Introducing – Windows Backup for Organizations with Intune


Next, Michael Frank looks at using PSADT for application deployment

https://michaelsendpoint.com/intune/PSAppDeployToolkit.html


An excellent new utility from Sandy Zeng, upload two policy files and compare them easily

https://intunediff.com/


Ewelina Paczkowska continues a deep dive into Conditional Access, this one looks at Restricted Units, Named Locations, Service Principals and a lot more, well worth checking out!

https://www.welkasworld.com/post/conditional-access-essentials-rmaus-named-locations-authentication-strengths-service-principals


RDP Multipath is here for AVD, learn how to enable it in this post from Alex Durrant

RDP Multipath: Finally, Some Relief for Those Dodgy AVD Connections!


Video Content

Now for the video content, starting with a couple of SCCM tutorials from Dean Ellerby, the first covering boundaries and sites

The second covers configuring your distribution point

Dean also has a third video showing how to manually add your MacOS devices to ABM using configurator


Learn how to use CA to stop risky users from adding MFA in this video from Jonathan Edwards


The latest Windows 365 AMA is now live featuring Christian Montoya, Donna Ryan, Andrej Radinger and Logan Silliman


Next, Steve Weiner looks at the new device protection added to multi-admin approval


Microsoft Content

Onto this weeks Microsoft content, starting with the official announcement for quality updates during OOBE from Victoria Wang

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/get-ready-for-windows-quality-updates-out-of-the-box/ba-p/4434498


Next, Stefan Kinnestrand looks at the vision for DaaS and how all of the Microsoft products tie together to make one ecosystem

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/reimagining-work-microsoft-s-vision-for-the-future-of-desktop-as/ba-p/4448016


We also have the official announcement of Windows Backup for Organizations from Miranda Leschke

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-backup-for-organizations-is-now-available/ba-p/4441655


Saurabh Sarkar covers some kiosk use cases and how to configure them with Intune here

https://techcommunity.microsoft.com/blog/IntuneCustomerSuccess/from-the-frontlines-managing-common-kiosk-scenarios-in-your-business/4448854

 


That’s all for this week.  Have a great weekend and if you’re in Dortmund next week, stop by and say hi (I’ll be at or around the Software Central/Robopack booth)

Leave a Comment