Welcome again to this weeks exciting installment of the Intune Newsletter
Community Content
If you are using Cisco VPN and need to replace the old Roaming client, follow this guide from Gannon Novak which will run you through a full deployment of the new apps and certificates
https://smbtothecloud.com/deploy-the-cisco-secure-client-with-umbrella-module-using-intune
Next, Rudy Ooms flags up something you need to watch for if you want to use Intune Suite but are also using Cisco DUO for MFA
https://call4cloud.nl/2024/04/may-the-intune-suite-be-with-you
Jon Towles has released the next part of the guide when transitioning from WSOne to Intune. This one looks at security policies, patching and remediations
https://mobile-jon.com/2024/04/22/the-workspace-one-admins-guide-to-microsoft-intune-part-4-security
If you are getting started with Defender for Endpoint and don’t know how to configure everything to play nicely with Intune, follow this guide from Niklas Tinner
https://oceanleaf.ch/defender-for-endpoint-security-settings-management
For anyone considering allowing personal device enrollment in Intune, you might want to have a read of this post from Peter van der Woude
We now have two posts from Daniel Bradley, the first is a very important one if you are enrolling devices using an offline JSON (Autopilot for existing devices)
https://ourcloudnetwork.com/microsoft-fix-intune-personal-device-enrollment-restriction-bypass
The second covers new Intune functionality to automatically update any Available apps which a user has installed themselves from company portal
https://ourcloudnetwork.com/how-to-auto-update-apps-assigned-as-available-in-microsoft-intune
Next, Rahul Jindal demonstrates how to use XDR with macOS to trigger response actions
https://rahuljindalmyit.blogspot.com/2024/04/using-custom-detections-to-trigger.html
Nick Benton has released the second part of a series on how to perform risk based Win11 upgrade. This one uses extended device attributes to automatically configure groups based on the upgrade risk from Readiness Reports
https://memv.ennbee.uk/posts/windows-11-risk-based-deployment-part2
This first part of a new series from Harri Jaakkonen looks at all things CA. Part one covers the basic options available and what they all do
https://www.cloudpartner.fi/?p=16831
If you are running full cloud native devices, you will want to switch your firewall profile to domain when connecting to a corporate network. Find out how in this post from Niklas Rast
To speed up your app packaging using PSADT, check out this new tool from Tugay Taskin. With community tools like this, feedback and feature requests are so important so please update Tugay if you try it
https://blog.tugi.ch/deployment-editor-preview
Claus Blaabjerg Hansen has released part 4 of the excellent Modern Management guide, this one covers, timezones, security baselines and more
Video Content
Now onto the video content, starting with a look at cloud PKI from Saurav Sarkar
If you’re getting started with app deployment, PSADT is an excellent way to standardise your installations. Dean Ellerby has a getting started guide for using the tool here
Now you know how to use PSADT, Dean covers how to use it with Intune in this video
We also have another video from Steve Weiner, this one covering Intune Cloud PKI with Bring your own CA (BYOCA)
Steve also runs through blocking the store on Windows pro editions
Microsoft Content
If you are using classic conditional access policies, you need to migrate them to new policies by July 10 2024. Find out more here from the Intune Support Team
An update for remote help, it now includes full control for macOS devices! Learn more here with Kara Wang and Katerina Athanasiou
For those of you in Education, have a look at the new Edge options available to you here from Ileana Wu
You can now request application diagnostics from the troubleshooting tools in Intune. Find out more here with Jon Lynn
That’s all for this week, have an incredible weekend!