Picture the scene, you have developed a remediation to do some sort of device magic involving Graph API and device. Then you find out that whilst you can absolutely add app registration secrets in your remediation, they are displayed in plain text on the device, certainly not an ideal situation! Fortunately there is a solution … Read more
If you have ever used the original GitHub selection of PowerShell Intune Samples from Microsoft at the URL below, it will have included a hard-coded application registration (multi-tenant) which will be removed from the Microsoft tenant on 1st April and at that point your scripts will stop working. https://github.com/microsoftgraph/powershell-intune-samples How do I know if I … Read more
Whilst I have many scripts which run in Azure runbooks (some are designed to do so), I’ve never actually covered how to setup your first automation account to use with Graph so now is the time to sort it! Pre-requisites Creating an account Adding modules Creating an app reg Authenticating with secret Authenticating with certificate … Read more
There have been plenty of posts covering the new Enterprise App Management functionality in the Intune suite, but I’ve now had a chance to look at what’s going on within the API and more importantly, how I can automate it! This didn’t make the cut-off for my book, but if there is a second edition, … Read more
If you deal with Teams Rooms devices, you will no doubt have come across device identifiers as a way of specifying certain devices to enroll as corporate rather than personal. This post won’t cover what they are or how to manually add them as that is well covered on the Microsoft site: https://learn.microsoft.com/en-us/mem/intune/enrollment/corporate-identifiers-add Instead we … Read more
I’ve been using Winget for a while now and whilst it’s fantastic, the command line interface sometimes wasn’t ideal, especially as I tend to live in PowerShell and like to be able to manipulate the output a bit. For my winget scripts, I have been using some functions put together for an old Microsoft event … Read more
Welcome to the post-Ignite newsletter. I hope all of you who managed to attend in person had a great time! Community Content Video Content Microsoft Content Ignite News Community Content We start this week with a guide on how to further secure your Android devices using Defender for Android from Niklas Rast Empowering Android Enterprise … Read more
Winget is an excellent tool, but in some organizations you may not want to use the community repo (although all apps are checked), or you may want to host your own internal apps, but deploy and update via Winget. One option is to simply use a custom manifest which I have covered here The more … Read more
Sometimes when running scripts in the system context with Intune we need to query the local user, whether that is the registry, or the local drive (Requirements scripts, detection scripts where you can’t switch to current user are a good example) Using the environment variables won’t work at the system level as it will just … Read more
If you are in Europe and have noticed that Teams is no longer installing with your M365 apps, this isn’t a bug, it is due to the European Competition ruling: https://blogs.microsoft.com/eupolicy/2023/08/31/european-competition-teams-office-microsoft-365/ The fix is to deploy the Teams Machine wide installer onto your devices: https://learn.microsoft.com/en-us/microsoftteams/msi-deployment To make things easier, I have created a script which … Read more