Welcome to the post-Ignite newsletter. I hope all of you who managed to attend in person had a great time! Community Content We start this week with a guide on how to further secure your Android devices using Defender for Android from Niklas Rast https://niklasrast.com/2023/11/14/empowering-android-enterprise-security-with-microsoft-defender-for-android/ A second post from Niklas, this time a requirements script … Read more
Winget is an excellent tool, but in some organizations you may not want to use the community repo (although all apps are checked), or you may want to host your own internal apps, but deploy and update via Winget. One option is to simply use a custom manifest which I have covered here The more … Read more
Sometimes when running scripts in the system context with Intune we need to query the local user, whether that is the registry, or the local drive (Requirements scripts, detection scripts where you can’t switch to current user are a good example) Using the environment variables won’t work at the system level as it will just … Read more
If you are in Europe and have noticed that Teams is no longer installing with your M365 apps, this isn’t a bug, it is due to the European Competition ruling: https://blogs.microsoft.com/eupolicy/2023/08/31/european-competition-teams-office-microsoft-365/ The fix is to deploy the Teams Machine wide installer onto your devices: https://learn.microsoft.com/en-us/microsoftteams/msi-deployment To make things easier, I have created a script which … Read more
Whilst I’m a massive fan of PMPC, Scappman and Winget, there are times where I have to go old fashioned and package applications myself I’ve found the best way of detecting the uninstall string to use is to install the application (ideally in a sandbox) and then go digging through the registry which works well, … Read more
Anyone running Windows 10 may have noticed KB5029331 has added a Windows Backup application which doesn’t work on non-consumer accounts, but still forces itself onto the start menu. I’m not a fan of any bloatware so want to add this to things to remove. Fortunately I had some help from this Reddit thread:https://www.reddit.com/r/Intune/comments/16i8arf/can_we_remove_the_new_windows_backup_start_menu If I … Read more
I’m excited to announce the pre-order of my new book “Intune Cookbook” which covers a full Intune setup and management from start to finish as well as the all important PowerShell and Graph commands (we all know how much I love automating!) It’s many months of effort and a long read which I hope you … Read more
During the excellent Modern Endpoint Management summit in Paris, I was sitting in the equally excellent session from Florian Salzmann and one of the questions was if the Device bulk commands could send an on-demand remediation to multiple devices and the answer was no. This gave me an idea so I built this script on … Read more
When migrating to the modern Autopilot world, if you are not purchasing net-new devices, you may find yourself having to rebuild current ones. This means getting these devices into Autopilot devices. The most popular option (and rightly so) is to use the Get-WindowsAutopilotInfo script, whether that’s the official one or the community edition Sometimes though, … Read more
With the release of MAM for Windows I thought I would revisit securing your data on BYOD with Windows (previous post here) In this post we will cover how to fully protect your data so that your Windows users can only access corporate information via a protected browser and keep the data contained. To make … Read more