I’m sure everyone reading this has deployed many applications within Intune using the win32 format and most likely used an MSI code or a file/registry detection method to monitor for a completed install (and why wouldn’t you, they work perfectly) Sometimes however, you might come across an application which is more tricky to detect, or … Read more
As I’m sure some of you know, I’m a big fan of Powershell scripting and find most tasks can be done far more quickly with a script than manually. Whilst the Powershell scripts within Intune work nicely, they are run-once scripts (unless you want to start deleting registry keys) and sometimes you want a script … Read more
Sometimes when working with an Intune environment, I find myself needing to assign all of the policies, apps etc. to a new Entra ID Group (new UAT group, changing from All Users etc.) Currently, this is a VERY manual process, clicking on each in the web portal and then assigning, but thanks to PowerShell and … Read more
This is something new I want to try, keeping track of everything which is changing in Intune can be a tricky task. I go for an RSS aggregator (happy to share my list), but to make it easier for everyone, I’m going to attempt to do a weekly roundup of what I feel are some … Read more
Following on from the previous post on environment backup, how we’re going to look at the users own data. I’m sure we’re all following the 3-2-1 rule for our infrastructure, but what about user data on the device. We now have wonderfully cloud managed devices which can be remotely rebuilt to users in the comfort … Read more
For the next couple of posts I’m going to cover something close to the hearts of us all, backups! Picture the scene, someone has accidentally deleted a reasonably complex Intune policy (worse still, it’s a Custom one) and it’s critical at that. Now, obviously at this point we all fall back to the manual backup … Read more
This post will cover how to create a new Azure PIM Eligible assignment and link it to an Azure AD group, but all done via Powershell. For Azure AD joined devices, using Privileged Identity Management and the built-in Device Administrators role you can control who has access to be a machine admin and for how … Read more
In today’s exciting post, I’m going to create a Conditional Access policy in Entra ID to restrict cloud apps to only Intune compliant devices, using my favourite scripting language, Powershell (and we all know how much I love a good script!) As usual, the script can be found on my ever-growing GitHub here I’ll be … Read more
Update: Update Compliance is now EOL, please use Windows Update for Business reports instead: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/now-generally-available-windows-update-for-business-reports/ba-p/3677018 Today’s post is about a Microsoft tool which is completely free and a great way of tracking Windows updates across the estate. Did I mention it’s free? If you want to read up more about it, here is the Microsoft … Read more
Sometimes, especially in large environments, keeping track of who is making which changes within Intune can be a pain and there is always that one time where change control isn’t followed and something breaks. In this post I’m going to configure Intune to alert on Audit Logs, send to an Azure Event Hub and then … Read more
