Intune

If you are in Europe and have noticed that Teams is no longer installing with your M365 apps, this isn’t a bug, it is due to the European Competition ruling: https://blogs.microsoft.com/eupolicy/2023/08/31/european-competition-teams-office-microsoft-365/ The fix is to deploy the Teams Machine wide installer onto your devices: https://learn.microsoft.com/en-us/microsoftteams/msi-deployment To make things easier, I have created a script which … Read more

Anyone running Windows 10 may have noticed KB5029331 has added a Windows Backup application which doesn’t work on non-consumer accounts, but still forces itself onto the start menu. I’m not a fan of any bloatware so want to add this to things to remove. Fortunately I had some help from this Reddit thread:https://www.reddit.com/r/Intune/comments/16i8arf/can_we_remove_the_new_windows_backup_start_menu If I … Read more

I’m excited to announce the pre-order of my new book “Intune Cookbook” which covers a full Intune setup and management from start to finish as well as the all important PowerShell and Graph commands (we all know how much I love automating!) It’s many months of effort and a long read which I hope you … Read more

During the excellent Modern Endpoint Management summit in Paris, I was sitting in the equally excellent session from Florian Salzmann and one of the questions was if the Device bulk commands could send an on-demand remediation to multiple devices and the answer was no. This gave me an idea so I built this script on … Read more

When migrating to the modern Autopilot world, if you are not purchasing net-new devices, you may find yourself having to rebuild current ones. This means getting these devices into Autopilot devices. The most popular option (and rightly so) is to use the Get-WindowsAutopilotInfo script, whether that’s the official one or the community edition Sometimes though, … Read more

With the release of MAM for Windows I thought I would revisit securing your data on BYOD with Windows (previous post here) In this post we will cover how to fully protect your data so that your Windows users can only access corporate information via a protected browser and keep the data contained. To make … Read more

In 2307 Intune release, users now have the ability to uninstall apps themselves in Company Portal. I’m not going to show you how to do that manually as that’s well covered by others like this one from Prajwal: https://www.prajwaldesai.com/intune-uninstall-apps-in-company-portal/ Instead, I am going to give you a quick way to switch as many apps as … Read more

With the recent changes to the store, both the Intune integration and the new Windows 11 store, you may want to restrict what your users can install. Blocking the store completely is an option, but that will stop your Windows apps from updating (including the likes of calculator and notepad) and also block any apps … Read more

After the addition of App support using Winget, I had a few requests for the policy backup/restore to also support assignments. Assignments It turns out, it is not as easy as I was expecting. Within Graph, the assignments are based on group ID and obviously the group ID won’t be the same between tenants so … Read more