Welcome to this weeks newsletter marking the end of June and for the MVPs reading this, the week before renewal date, I am keeping my fingers crossed for all of you!
Community Content
We start this week with the second part of Simon Hartmann Eriksen‘s series looking at moving to future endpoint management, this one looks at the move to Intune
https://www.simsenblog.dk/2023/06/26/future-client-zero-trust-pt2/
Next, Manish Bangia runs through how you can import your group policies directly into Intune
https://www.manishbangia.com/migrate-group-policies-to-intune/
If you have Windows Enterprise licensing, Windows Autopatch is well worth looking at. This post from Thomas Marcussen tells you everything you need to know
https://blog.thomasmarcussen.com/9-things-to-know-about-windows-autopatch/
Intune now supports Zebra devices and keeping them updated. Here, Timmy Andersson runs through the full process
https://timmyit.com/2023/06/26/first-look-at-managing-android-updates-for-zebra-devices-with-intune/
For those of you wanting to get started with Windows 365 Enterprise, the deployment guide is worth checking out. This post from Dominiek Verham shows you how
https://techlab.blog/the-journey-of-the-windows-365-enterprise-advanced-deployment-guide/
On the subject of Windows 365, find out how to use the new Windows 365 boot functionality in this post from Peter van der Woude
https://www.petervanderwoude.nl/post/getting-started-with-windows-365-boot/#respond
The Apple WWDC was not all about the worlds most expensive skiing goggles, it also included additions to device management and enrollment. Somesh Pathak has them covered in detail here
https://www.intuneirl.com/wwdc-2023-apples-leap-into-next-level-device-management-part-1/
We have a second post from Somesh this week, showing how you can link Adobe with OneDrive on your iOS devices:
https://www.intuneirl.com/enable-adobe-to-read-pdf-from-one-drive/
Next, learn all about custom compliance policies in this post from René Laas
https://endpointcave.com/custom-compliance-policy-script-with-multiple-checks/
Windows Update for Business Reports are a useful addition to the out-of-the box reporting included in Intune. To learn how to deploy, read this post from Mike Shellenberger
https://mjshellenberger.com/2023/06/24/how-to-guide-deploying-windows-update-for-business-reports/
Now for two posts from Rahul Jindal, starting with some troubleshooting tips if you are having trouble installing Winget apps with the error 0x8A15001B Result:BlockedbyPolicy
https://rahuljindalmyit.blogspot.com/2023/06/winget-apps-installation-error.html
Rahul’s second post shows how to configure admin consent for app protected applications so end-users must request access to these applications on mobile devices
https://rahuljindalmyit.blogspot.com/2023/06/configure-admin-approval-workflow-for.html
The release of 2305 has enabled the movement of a cloud PC to a new region or Azure Network Connection which is most welcome with the constant addition of new regions. Find out how in this post from Sune Thomsen
https://blog.mindcore.dk/2023/06/move-cloud-pcs-to-a-new-azure-region-or-azure-network-connection/
Prajwal Desai also runs through how to move a Windows 365 machine between regions
https://www.prajwaldesai.com/move-windows-365-cloud-pcs-to-another-region/
Next up, Niklas Tinner digs into security baselines, how to use them, what they include and how to test them
https://oceanleaf.ch/dive-into-microsoft-security-baselines/
James Robinson has gone digging into the underpinnings again, this time looking at the M365 Apps admin centre and the API underneath
https://skiptotheendpoint.co.uk/under-the-hood-pt-3-m365-apps-admin-center/
This post from Gannon Novak shows how to use Remediations and app registrations to set extension attributes based on device properties
https://smbtothecloud.com/dynamically-add-device-extension-attributes-using-remediations/
Thiago Beier has released the fourth part of the series looking at the different ways to enroll Windows devices, this one shows how to use a PPKG
https://thiagobeier.wordpress.com/2023/06/27/enroll-windows-device-using-ppkg-part-3/
Find out how to run remediations on demand in this post from Jitesh Kumar
https://www.anoopcnair.com/run-remediation-script-on-demand-intune/
Find out how to manage those pesky users who do not have MFA enabled in this post from Joey Verlinden
https://www.joeyverlinden.com/protect-handle-users-not-protected-by-mfa/
The latest Rudy Ooms deep-dive looks at Sync errors and the SyncMl tool
https://call4cloud.nl/2023/06/the-0x800705b4-error-in-our-stars/
Next, Damien Van Robaeys has released a very useful script to quickly check the install status of an application using PowerShell and Graph
https://www.systanddeploy.com/2023/06/using-powershell-and-graph-to-get.html
This post from Nick Benton looks at Settings Catalog assignments and how to set them with Powershell and Graph
https://memv.ennbee.uk/posts/managing-intune-assignment-settingscatalog/
Somesh Pathak demonstrates how to use Power Apps and Power Virtual Agents to create a chat-bot to use with Intune here
One minor annoyance with Intune is the fact that Outlook contacts don’t show up in the phone contacts. Fortunately Torbjorn (Mr T-Bone) Granheden has an Azure Automation to resolve this
https://www.tbone.se/2023/06/29/contact-manager-for-azure-automate/
Next, Rahul Jindal compares Conditional Access and the “Require MFA to join devices to Azure AD” options
https://rahuljindalmyit.blogspot.com/2023/06/require-mfa-to-registration-or-join.html
Find out how to deploy a quiet time policy to your Android and iOS devices in this post from Andy Jones
Video Content
Onto the video content for this week starting with two videos from Dean Ellerby, the first of which looks at the new preview feature to use Intune to manage security on your server devices
Dean’s second video covers the new Application Control policy functionality.
Dean’s third video this week shows how to enrol your tenant into Autopatch
Dean has had a busy week and this fourth video demonstrates how to use the Power App from Moe Kinani to grab LAPS passwords from any device
Next, Matt Call has released a new video looking at RBAC for Intune. If you haven’t seen the previous videos, you can find them here
The latest EMS Community podcast (Episode 4) is now out covering Fido2, community tools and more. This episode features Shehan Perera, Eric Woodruff, Jonas Bøgvad, Lewis Barry and some random.
The latest intune.training video is out looking at LAPS with Steven Hosking and Jóhannes Geir Kristjansson
Microsoft Content
In Microsoft news, an exciting new feature is now in GA to manage drivers and firmware within Intune with a GUI and fine control over what is deployed to your devices. I’ve been excited about this for ages!! Find out more in this post from David Guyer
Find out why AI powered analytics in Intune is so important in this post from Steve Dispensa and Archana Devi Sunder Rajan
The 2306 release improves the functionality for deploying apps to Windows 11 SE from Intune for Education as covered here by Aasawari Navathe
As well as the apps and drivers mentioned above, there are loads of exciting new features in 2306 including Remediations on demand!
https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new
The first of a two parter from Jacob Scott showing how to enrol Android teams phones into Intune
Next, we have some best practice recommendations when deploying apps to Win365 machines from Curtis Sawin and Aleksander Bozadzhiev
Find out how to use KPI to track expedited updates in this post from Akash Malhotra
The latest skilling snack is out and this week looks at Windows 11 accessibility from Ben Watt
That’s it for this weekend, congratulations for getting this far (and making it through the week), have a great weekend!