Automating Intune corporate device identifiers

If you deal with Teams Rooms devices, you will no doubt have come across device identifiers as a way of specifying certain devices to enroll as corporate rather than personal. This post won’t cover what they are or how to manually add them as that is well covered on the Microsoft site: https://learn.microsoft.com/en-us/mem/intune/enrollment/corporate-identifiers-add Instead we … Read more

Winget PowerShell module

I’ve been using Winget for a while now and whilst it’s fantastic, the command line interface sometimes wasn’t ideal, especially as I tend to live in PowerShell and like to be able to manipulate the output a bit. For my winget scripts, I have been using some functions put together for an old Microsoft event … Read more

Intune Newsletter – 17th November 2023

Welcome to the post-Ignite newsletter. I hope all of you who managed to attend in person had a great time! Community Content We start this week with a guide on how to further secure your Android devices using Defender for Android from Niklas Rast https://niklasrast.com/2023/11/14/empowering-android-enterprise-security-with-microsoft-defender-for-android/ A second post from Niklas, this time a requirements script … Read more

Creating a custom Winget Repo

Winget is an excellent tool, but in some organizations you may not want to use the community repo (although all apps are checked), or you may want to host your own internal apps, but deploy and update via Winget. One option is to simply use a custom manifest which I have covered here The more … Read more

Enumerating the logged on user when running as system with Azure AD/Entra joined devices

Sometimes when running scripts in the system context with Intune we need to query the local user, whether that is the registry, or the local drive (Requirements scripts, detection scripts where you can’t switch to current user are a good example) Using the environment variables won’t work at the system level as it will just … Read more

Teams missing from M365 apps in Europe – This is why

If you are in Europe and have noticed that Teams is no longer installing with your M365 apps, this isn’t a bug, it is due to the European Competition ruling: https://blogs.microsoft.com/eupolicy/2023/08/31/european-competition-teams-office-microsoft-365/ The fix is to deploy the Teams Machine wide installer onto your devices: https://learn.microsoft.com/en-us/microsoftteams/msi-deployment To make things easier, I have created a script which … Read more

Removing Windows Backup on Windows 10

Anyone running Windows 10 may have noticed KB5029331 has added a Windows Backup application which doesn’t work on non-consumer accounts, but still forces itself onto the start menu. I’m not a fan of any bloatware so want to add this to things to remove. Fortunately I had some help from this Reddit thread:https://www.reddit.com/r/Intune/comments/16i8arf/can_we_remove_the_new_windows_backup_start_menu If I … Read more

New Book Announcement

I’m excited to announce the pre-order of my new book “Intune Cookbook” which covers a full Intune setup and management from start to finish as well as the all important PowerShell and Graph commands (we all know how much I love automating!) It’s many months of effort and a long read which I hope you … Read more

Remediations on demand in bulk

During the excellent Modern Endpoint Management summit in Paris, I was sitting in the equally excellent session from Florian Salzmann and one of the questions was if the Device bulk commands could send an on-demand remediation to multiple devices and the answer was no. This gave me an idea so I built this script on … Read more