The long weekend feels like a distant memory now as we all try and catch up on work. There’s always time for some Friday content to prepare you for the weekend though!
Community Content
We start this week with a look at how to use Cloud PKI with Entra Cert Based Enrollment and TAP to onboard Android devices without ever needing a password from Torbjorn (Mr T-Bone) Granheden
https://www.tbone.se/2024/04/02/intune-cloud-pki-and-entra-cba-for-frontline-workers/
Next, Peter van der Woude looks at how to enable Endpoint Analytics in your tenant and what happens on the device itself
https://www.petervanderwoude.nl/post/looking-closer-at-enabling-endpoint-analytics/
If you are running Dell devices, this guide from Michael Meier shows how to prepare your devices for Intune UEFI config
https://mikemdm.de/2024/04/01/configure-dell-uefi-settings-using-intune-configuration-profiles/
Shehan Perera also looks at the new functionality to manage Dell BIOS config using Intune here
https://emsroute.com/2024/03/30/intune-dell-bios/
With the security baselines finally receiving an update, Shehan also runs through updating them in your tenant
https://emsroute.com/2024/04/03/security-baseline-23h2
For a bulk Intune device clean-up (including removing from Entra), check out this script from Sander Rozemuller
https://www.rozemuller.com/delete-aad-intune-devices-based-on-csv-and-graph-api/
With Copilot for security now GA, Somesh Pathak looks at what it can offer you and how to deploy it into your tenant
https://www.intuneirl.com/microsoft-copilot-for-security-preview-and-intune/
Jan Mulder also runs through configuring and using Copilot for security in this post
https://wolkenman.wordpress.com/2024/03/31/setup-copilot-for-security/
A third post looking at Copilot for security, this time from Joery Van den Bosch
https://intunestuff.com/2024/04/03/intune-plugin-in-copilot-for-security-public-preview
On the subject of security Copilot, Rogier Dijkman looks at how to use it whilst keeping the costs manageable
https://rogierdijkman.medium.com/running-copilot-for-security-without-breaking-the-bank-42711d7e4d00
We now have two posts from Rudy Ooms, starting with a look at the device flow and sync time with the new MMP-C service
https://call4cloud.nl/2024/04/when-does-a-device-sync-with-mmpc/
Rudy’s second post looks at a bug discovered in Config Refresh (now resolved)
https://call4cloud.nl/2024/04/keeping-up-with-the-emmdeviceid-and-configrefresh-bug/
Next, Niall Brady has put together a very useful script to offboard devices from Autopilot when they reach end of live
https://www.niallbrady.com/2024/03/31/pc-buyback-for-windows-autopilot-devices-part-1/
Michael Niehaus has had a busy week with multiple posts, starting with a warning if you are using an app reg from older Graph scripts from Microsoft
This post digs into the Windows client sync
https://oofhours.com/2024/03/30/when-does-a-windows-client-sync-with-intune/
If you need to grab information from the user during ESP, you can use an app as covered here
https://oofhours.com/2024/04/01/prompt-for-information-during-autopilot-with-an-app/
And a particularly run one, taking me back to the loading games on the ZX Spectrum and Commodore 64, now you can launch online games during ESP!
https://oofhours.com/2024/04/02/we-need-entertainment-during-esp/
Learn how to use PowerShell to query your Lenovo BIOS version here with Damien Van Robaeys
https://www.systanddeploy.com/2024/04/check-if-lenovo-device-has-latest-bios.html
Next, Gannon Novak runs through options to block internet access using Intune
https://smbtothecloud.com/block-internet-browsing-with-intune
If you’re using Packer and Azure DevOps, check out connecting with Azure CLI here from Niels Kok
https://www.nielskok.tech/infrastructure-as-code/packer-azure-cli-authentication
You can now manipulate your W365 machines using Graph! Learn all about the new commands here with Dominiek Verham
https://techlab.blog/introducing-graph-apis-for-windows-365
Don’t let your Apple certificates expire! Find out how to update them in this post from Jeroen Burgerhout
https://www.burgerhout.org/renewing-the-apple-push-notification-service-certificate
Jon Towles has released the third part of the Intune guide for VMware WS1 administrators, this one covers apps
https://mobile-jon.com/2024/04/03/the-workspace-one-admins-guide-to-microsoft-intune-part-3-apps
Video Content
Now for the video content, starting with two podcasts and two videos from Steven Weiner, the first podcast features Jon Towles and covers migrating from VMWare WSOne to Intune
The second features me where we discuss my book and Intune in general
Steve also looks at custom requirements scripts in this video
We also have the next part of the cloud native series, this one covers registering devices with Autopilot
Next, we have the latest intune.training video with Adam Gross and Steven Hosking. This one covering Android Work profile on personally owned devices
In this video, Dean Cefola looks at some more unusual ways to deploy AVD
There have been some major (and not great) changes to the M365 dev tenants, find out more here with Dean Ellerby
Microsoft Content
On with the Microsoft news, starting with the GA of security Copilot with Chaitra Satish
Intune Suite is now available for Government Customers as covered here by Michael Clifford
We also have support approved for EPM, learn more here with Mike Danoski
That’s all for this week, have a great weekend!