Intune Newsletter – 27th January 2023

Welcome one and all to a rollercoaster ride of Intune goodies. I can feel the excitement already!

Community Content

We start this week with part 8 of Jeffrey Appel’s excellent series on Defender for Endpoint, this time getting to grips with KQL queries when hunting and setting up custom detections. (LinkedIn)


Disabling Extensions on Edge is a nice simple task in Intune, but what if you have to manage other browsers? This post from Dujon Walsham provides scripts you can use to control Chrome and Firefox on Windows devices via Proactive Remediations (LinkedIn)


Not strictly Intune, but I’m sure we all spend a lot of time working in PowerShell. This post from Harm Veenstra demonstrates how much quicker your scripts can run if you use server-side filtering instead of filtering within the script (LinkedIn)


Robin Hobo has put together a full guide to deploying a machine using Autopilot which is extremely thorough and well worth reading! (LinkedIn)

https://www.linkedin.com/pulse/windows-autopilot-ultimate-step-by-step-deployment-guide-robin-hobo/


Should you find yourself in the position of having to investigate a member of staff, with physical hardware it’s easy enough just to grab the device and quarantine it, but what about Windows 365 machines? This post from Jitesh Kumar demonstrates how to place a Win365 machine under review for forensics (LinkedIn)

https://www.anoopcnair.com/place-windows-365-cloud-pc-under-review/


The clock is ticking until number matching is forced on MFA users. To test it now, have a look at this post from Daniel Bradley (LinkedIn)


Peter van der Woude looks at Multi-Admin Approvals in this post, including setting them up and the experience when using them


Whilst most will use Windows 365 with the standard Microsoft network connection, there may be times where you need to deploy to an Azure Network connection. To configure this via PowerShell (and why wouldn’t you), grab this script from David Brook (LinkedIn)

https://euc365.com/post/create-windows-365-azure-network-connections-powershell/


Shehan Perera looks at securing your data when dealing with BYOD in this first part of a new series, which looks at Conditional Access, Terms of Use and enrollment restrictions (LinkedIn)

https://shehanperera.com/2023/01/21/byod-01/


Next, Nick Benton looks at managing iOS devices using Graph and PowerShell with some very useful scripts (LinkedIn)

https://memv.ennbee.uk/posts/apple-ade-profile-assignment/


If you are using custom detection rules, have a read of this post from Gannon Novak which describes issues you may have with logs and troubleshooting and some tips when writing your scripts. Future you will thank you! (LinkedIn)


Some exciting news: Notepad now supports tabs! To find out more, read this post from Prajwal Desai (LinkedIn)


Scope tags are an excellent way to delegate control of specific parts of Intune, especially when dealing with a single tenant with multiple sub-departments within it. This post from Jannik Reinhard shows how to configure them and create dynamic groups based on them (LinkedIn)

https://jannikreinhard.com/2023/01/22/do-you-already-know-intune-scope-tags/


I’m sure your users prefer using Bing (to search for Google), but if you would like to default to Google directly, use a Settings Catalog as described here by Brad Wyatt (LinkedIn)


Niall Brady has updated this excellent resource for setting up Intune, W365, ConfigMgr and PKI with links to each step (LinkedIn)

https://www.windows-noob.com/forums/topic/13288-windows-365-intune-configmgr-and-pki-step-by-step-guides/


This Power BI report from Nico Wyss uses Intune Data Warehouse to show your machines on a Windows version which is end of life (LinkedIn)

https://cloudfil.ch/powerbi-and-intune-visualizing-windows-end-of-life/


Should you find yourself needing to offboard devices from Defender for Endpoint, René Laas demonstrates how to use the API to quickly offboard the devices here

https://endpointcave.com/how-to-offboard-device-from-defender-for-endpoint-api/


Oliver Kieselbach has updated the excellent Autopilot Manager tool, well worth checking out (LinkedIn)

https://oliverkieselbach.com/2023/01/24/autopilot-manager-with-additional-automations/


If you are using MDT or ConfigMgr to bare-metal build your machines, this script from Damien Van Robaeys will upload logs to SharePoint when a task sequence fails (LinkedIn)

https://www.systanddeploy.com/2023/01/automatically-sending-task-sequence.html


Dominiek Verham has had a further look at Rimo3, this time looking at using it to package applications and how the process looks and works (LinkedIn)

https://techlab.blog/updated-how-to-package-and-test-apps-using-rimo3/

A second post from Dominiek this week, this one looking at configuring a Windows kiosk for use with AVD/Win365 access (LinkedIn)

https://techlab.blog/kiosk-mode-and-azure-ad-logins/


App-based conditional access policies are a reasonably new addition to Azure AD, but well worth using. This comprehensive guide from Anand P should set you on your way (LinkedIn)

https://www.cloudtekspace.com/post/create-app-based-conditional-access-policies


Autopilot pre-provisioning can be a useful tool when trying to speed up the enrollment for end-users by pre-installing key applications. Christopher Mogis has documented the steps involved in configuring it in this post (LinkedIn)

https://www.ccmtune.fr/2023/01/windows-autopilot-and-pre-provisioned.html


Whilst Android separates data on devices, iOS doesn’t have the same restrictions so whilst you can control copy-out with an app protection policy, it doesn’t stop apps from reading-in. This post from Simon Skotheimsvik will show you how to block unauthorized apps which have crept onto the estate (LinkedIn)


Windows 11 has some strict requirements around TPM, SecureBoot and many others. If you are getting an error when trying to install it, have a look at this guide from Somesh Pathak looking at the common causes and how to resolve them (LinkedIn)

https://intuneirl.com/2023/01/this-pc-cant-run-windows-11/

A second post from Somesh this week looking at all things Automation with Intune which I’m sure you’ve worked out by now is very close to my heart!

https://intuneirl.com/2023/01/modern-device-management-and-the-need-of-automation/


Also looking at TPM, Intel and AMD both have different implementations of it and the AMD one can cause issues with Autopilot. In this post, Rudy Ooms has looked at the process on AMD chips and there is light at the end of the tunnel for those of you with AMD hardware. (LinkedIn)


Storage sense is a useful tool to have on any managed device, but particularly on your cloud machines (especially multi-user). Aresh Sarkari shows how to enable it via Intune in this post (LinkedIn)


At the time of writing, the Edge Security baseline in Intune is outdated compared to the ‘live’ version. If you are impatient and would rather create it yourself, follow this guide from Jörgen Nilsson (LinkedIn)


Next, Snehasis Pani demonstrates how to configure an antivirus policy for macOS using Intune (LinkedIn)

https://www.anoopcnair.com/configure-macos-antivirus-policy-using-intune/


The clock is ticking for Windows 10 and by now you should really be planning for Windows 11. To help convince any C-Levels, have a look at the compelling reasons from James Robinson (LinkedIn)

https://skiptotheendpoint.co.uk/windows-10-is-dead-migrate-to-11-immediately/

Video Content

Now onto the video content this week, starting with the next in the MDE series from Harvansh Singh, this time looking at Custom Detection Rules (LinkedIn)


Somesh Pathak is a guest with the Workplace Dudes (Jeroen Burgerhout, Engin Soysal and Richard Sousa Ferreira), looking at the Windows Store, the end of basic authentication and many other things! (LinkedIn)


The latest Windows 365 AMA is now released with Christian Montoya, Elaine You, Pavithra Thiruvengadam and Donna Ryan on hand to answer questions, well worth a watch!


This video from Alex de Jong walks through onboarding devices into Defender for Endpoint using Intune (LinkedIn)


Pim Jacobs and Ronny de Jong (TechTalkDudes) look at the new Azure AD Lifecycle workflows in this video (LinkedIn)


Dean Cefola looks at ChatGPT and puts it to the test with Azure Resources in this video (LinkedIn)


This is a useful one after the events earlier this week! Chander Mani Pandey demonstrates how to configure email notifications for service health incidents (LinkedIn)

Microsoft Content

Now onto the Microsoft content this week, starting with a look at the latest updates to Windows Package Manager (Winget) from Demitrius Nelon

https://devblogs.microsoft.com/commandline/windows-package-manager-1-4/


Check out what’s new in Intune this week

https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new#week-of-january-23-2023-service-release-2301


Some new weekly skilling snacks from Harjit Dhaliwal, get this one bookmarked as there is new content added weekly!

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-skilling-snacks-bite-sized-learning-for-it-pros/ba-p/3725923


That’s it for this week, have a great weekend!
