We have an exciting week this week with the GA release of Security Copilot within Intune and on a personal note, this is the last day of my lovely two week holiday. When you’re reading this, I’m probably someway across the Pontcysyllte Aqueduct on a narrow boat
Fortunately, many MVPs are still churning out excellent content and we also have a lot of Microsoft announcements this week
Community Content
For anyone dealing with large environments, or frequent Graph calls, you have no doubt come across both pagination and performance issues. To help, check out this excellent function from Jorge Suarez to send your queries in batches
Now for two posts from Ugur Koc, starting with a script to block homebrew on MacOS which can be deployed via Intune
With the GA release of Security Copilot, Ugur also looks at how you can use this to help create KQL queries from natural language prompts
https://ugurkoc.de/kql-queries-made-easy-my-intune-admin-journey-with-copilot/
Next, Jan Mulder covers how to create an Apple update policy with declarative device management to replace any deprecated software update policies. I’m looking forward to seeing what else is released in this Apple blog series
A lot of excitement around Security Copilot. If you are looking to get started with it in Intune and Defender, this post from Joery Van den Bosch is a must read
I still prefer Applocker to WDAC and often recommend it for application control, but it is a pain to configure in Intune. To make things easier, Niels Kok has created a script to import your policies directly into Intune.
Coming soon to a Windows machine near you, M365 companion apps. First you’ve heard of them? Read this post from James Robinson to find out more
https://skiptotheendpoint.co.uk/m365-companion-apps-a-p-review/
M365 app add-ins are often a cause of frustration. If you’re stuck with them, Gannon Novak covers how to manage them here
https://smbtothecloud.com/from-com-to-web-managing-microsoft-365-app-add%e2%80%91ins/
Windows Autopatch is effectively a must-have now it’s available with so many different licenses. If you aren’t using it yet, this guide from Nicklas Olsen covers everything you need to know
https://www.learnintune.net/windows-autopatch-get-ready-to-update/
A new addition to Windows, Quick Machine Recovery can check online to try and fix any issues causing machines not to boot. This post from Peter van der Woude shows how to enable it and how it works
Video Content
Now for the video content, starting with a script from Chander Mani Pandey to bulk remove devices from Intune groups
Next, Dean Ellerby looks at the updates to Entra Connect Sync, how to install it and how to configure it
We now have two videos from Steve Weiner, starting with an end-to-end look at Security Copilot, how to get started and how to use the Explorer functionality to make your life easier
Steve’s second video covers some exciting updates to the excellent Hyperpilot app
Microsoft Content
Now for the large selection of Microsoft content and we begin with a guide on configuring the new Intune connector using the least privilege principle from Arpit Sinha
As mentioned by Jan earlier, you need to move your Apple update policies to declarative device management. Here is the official post from Benjamin Flamm
The initial announcement of Microsoft Security Copilot for Intune and Entra is here from Dorothy Li
Improving IT efficiency with Microsoft Security Copilot in Microsoft Intune and Microsoft Entra
Here is the announcement for Explorer in Intune including a demo from Ravi Ashok and Zineb Takafi
The downloadable Windows media now includes updated store apps to save you having to wait for them to update before being usable. Here is more information and a list of apps from Jerry Huang
That’s it for this week, have a great weekend!