Welcome back and it was great to meet many of you at MEM summit last week. Next week I’m off again to EUCTech at Legoland so if the newsletter is slightly late, I’m probably still building Lego models!
If any of you have not bought a copy of my second edition of the Intune Cookbook and would like to do so, I also have a special discount code for you…
Community Content
Now users can bring their own Copilot subscription to your corporate data, you may want to block this centrally to keep control over your data. Follow this guide from Ewelina Paczkowska to find out why you should block it and how to do so
https://www.welkasworld.com/post/blocking-bring-your-own-copilot-byoc-on-work-documents
Managing macOS personal devices has always been a gap in Intune. Find out why and some ways of helping secure your data on those device in this post from Andy Jones
Closing Intune’s macOS MAM Gap: A Cyber Essentials BYOD Guide
On the subject of MAM, we can now finally have cross-tenant support on Windows devices so you can have multiple browser profiles, each protected within a different tenant. Lean how in this post from Peter van der Woude
We finally have backup and restore for your Entra objects. Here is a cheat sheet from Shehan Perera to see how it works
I remember when Windows Phone has Continuum to plug your phone into a dock and use it as a PC (I think I still have the dock and phone somewhere!). We have now gone full circle and you can do the same again, but using Windows 365. See it in action here with Niall Brady and Paul Winstanley
If you want to RDP into an Entra joined machine, check out this guide from Michael Frank
https://michaelsendpoint.com/entra/ConnectJoined.html
Apple are tightening their requirements for TLS on MDM, but Intune should be fine. Learn more here from Somesh Pathak
Apple’s Stricter TLS Requirements Are Coming — Here’s Why Intune Admins Can Relax
If you are looking to protect your shared PCs, this guide from Dustin Gullett is definitely worth reading
Don’t Burn the Steak: Entra Passkeys, Shared PCs, and Phishing-Resistant Access
Whilst not everyone wants to wait for all windows updates during OOBE, getting defender updated is something everyone should really be doing. This post from Jan Mulder covers how to enable it
A useful remediation and runbook from Damien Van Robaeys to automatically add devices to an Entra group based on a registry key on a device (no reason it couldn’t be used for other things though by tweaking the remediation)
https://www.systanddeploy.com/2026/04/automatically-populate-devices-group.html
Kevin Malinoski continues looking at Assigned Access Kiosks in this end-to-end post
Next, Mr T-Bone has created a PowerShell wrapper script to convert anything into an application to appear in the Apps settings menu
Video Content
Now for this weeks video content starting with a look at all of the exciting features in Entra P2 from Jonathan Edwards
Learn all about the upcoming change to Hotpatch enrollment in this video from Steve Weiner
Dean Ellerby also looks at Hotpatch here
This video from Vaishnav K runs through getting started with Windows 365 Frontline
Microsoft Content
Now for this weeks Microsoft content and we start with the exciting news that Unpacking Endpoint Management is back, you can see the upcoming episodes in this post from the Intune Support Team
Autopatch will soon recommend changes to help with your patch compliance with a new report as covered here by Aria Hanson
I think Windows 365 is one of the unsung heroes of the W365 offerings, a quick and easy way to get users back up and running when they don’t have access to their corporate device. It has just got even better with user-initiated provisioning to also lighten the load on your IT teams. Find out more in this post from Logan Silliman
This is one everyone should read, find out the exact performance of Intune in this excellent post from Albert Cabello Serrano
Learn how to remove pre-installed apps in this post from Ingrid Allen
That’s all for this week, have a great weekend!