Welcome to this weeks newsletter, a smouldering pot of goodness!
Before we start with the content, the newsletter has just hit 1000 subscribers, a landmark I never saw coming. Thanks to everyone for subscribing and especially the community for creating the content.
Community Content
We start this week with a guide to allowing and blocking external devices using Intune and ASR from Jannik Reinhard
https://jannikreinhard.com/2023/06/11/management-of-external-devices-peripherals-with-intune/
Next, we have two Windows 365 related posts from Niall Brady starting with a look at the new features in the latest update to the Windows 365 app
Niall’s second post shows how to use the troubleshooting tools within the app
You can now set what happens to your macOS devices when initiating a wipe command with the exciting “obliteration” functionality. Find out more in this post from Somesh Pathak
https://www.intuneirl.com/obliterationbehavior/
A new preview feature for Azure AD are protected actions to further secure your environment as covered here by Shehan Perera
https://shehanperera.com/2023/06/09/protected-actions-in-azure-ad-01/
Aljaz Perovsek looks at how to deploy AAD LAPS using Intune in this post
https://aljazperovsek.com/2023/06/02/windows-laps-in-the-cloud-the-future-of-password-management/
Whilst on the LAPS theme, Simon Skotheimsvik shows how to migrate from Cloud LAPS to Windows LAPS
https://skotheimsvik.no/migrating-cloud-laps-to-the-new-windows-laps
Next, Simon Hartmann Eriksen looks at how you can use Windows 365 to run your test environment using the powerful compute options available
https://www.simsenblog.dk/2023/06/12/windows-365-cloud-pc-unleashing-the-power/
Vidya M A looks at the various integrations available in Intune, both from Microsoft and 3rd party apps
https://www.anoopcnair.com/intune-integration-scenarios/
A quick, but extremely useful post from Peter van der Woude demonstrating how to use Settings Catalog to set the default credential provider for sign-in
https://www.petervanderwoude.nl/post/configuring-the-default-credential-provider/
Microsoft have updated the get-windowsautopilot script to use the Microsoft Graph modules. Find out more about what this means to you in this post from Michael Niehaus
https://oofhours.com/2023/06/12/get-windowsautopilotinfo-ps1-updated-by-microsoft-this-time/
Silvio Di Benedetto has created a guide here on connecting HP Connect to Intune for BIOS Management
If you are having trouble enabling Bitlocker on HAADJ machines, check out this post from Jeroen Burgerhout
https://www.burgerhout.org/the-bitlocker-haadj-nightmare/
Next, Irenäus Becker walks through how to create a custom image for your Windows 365 machines
This script from Damien Van Robaeys grabs the hardware hash from a machine, uploads to Sharepoint and then uses an Azure Runbook to read the file and import the devices automatically into Autopilot
https://www.systanddeploy.com/2023/06/automatically-import-windows-autopilot.html
The first of a two part series from Thiago Beier covering Autopilot profiles, starting with a profile for HAADJ devices
https://thiagobeier.wordpress.com/2023/06/13/windows-autopilot-deployment-profiles-part-1/
As the old Microsoft Store integration has finally stopped working, you have hopefully migrated your apps to the new one. You may, however, have found some issues with system assigned apps and previously user assigned apps. Fortunately Ben Whitmore and Bryan Dam have put together a script to solve this for you!
https://patchtuesday.com/blog/intune-microsoft-store-integration-app-migration-failure/
This new application from Trevor Jones displays the friendly names for objects to bulk add to AAD groups
https://smsagent.blog/2023/06/09/new-app-azure-ad-group-bulk-import/
Your Apple Device Enrollment tokens are pretty critical and you really don’t want to let them expire! Why not use a Logic app to alert you? Find out how in this post from Somesh Pathak
https://www.intuneirl.com/create-a-logic/
Next, Thomas Marcussen looks at the requirements for Autopatch
https://blog.thomasmarcussen.com/understanding-the-requirements-of-windows-autopatch/
Nicklas Ahlberg has put together a proactive remediation to fix CVE-2023-32019 here
https://www.rockenroll.tech/2023/06/15/fix-cve-2023-32019-the-easy-way/
If your LAPS managed account is complaining about a password expiry, check out this post from Jose Schenardie
https://intune.tech/2023/06/15/LAPS-PasswordPolicies.html
Video Content
Now onto the video content starting with a quick demo on configuring LAPS from Craig Camacho
Now we have a thorough run-through of the Autopilot process from Alex de Jong
A second video from Alex looking at what happens in Intune and on the machine when you push a profile to a device
A third video from Alex, this time looking at Intune app deployment
The latest intune.training video has arrived featuring Adam Gross and Ben Reader. This one looks at what you can do with Linux devices using Intune
Niklas Tinner chats with Mattias Melkersen about all things Intune in this video
This video from Anoop Nair shows how to use Intune Security Baselines to deploy Defender for Endpoint Policies
Microsoft Content
A support tip from the Intune team looking at iOS and iPadOS Beta
You can now use PIM to configure just-in-time access to Intune. Find out more here from Chris Kunze
Have a look at what’s new in MSIX here with Naveen Kumar Nooka
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-in-msix-june-2023/ba-p/3845506
Windows 11 now supports multi-app kiosk mode. Find out more in this article from Sydney Bruckmann
Another post from the Intune support team looking at the Zebra OEM Config app for Android
There has been an update (a good one) to the pre-reqs for enrolling device managed by MDE into Intune:
For those of your using the old AzureAD PowerShell module, the lifespan has been extended. Make use of this time to transition your scripts and modules to the new Graph SDK. Read more in this post from Kristopher Bash
The high-level architecture diagram for Windows 365 has been released and is available here:
https://learn.microsoft.com/en-us/windows-365/enterprise/high-level-architecture
The latest skilling snack is out and looks at one of my favourite things, Microsoft Graph from Angie Chen.
That’s it for this week, have an incredible weekend