Gannon Novak

Export & Import settings catalog profiles between tenants with PowerShell and Graph API

Intro Several months ago I read a blog about exporting and importing Intune configuration profiles and policies between tenants (Export & Import Intune policies and configuration using Graph API (cloudsecuritea.com). This method worked well and saved a lot of time, but this method doesn’t work for settings catalog profiles. Now that settings catalogs are the

Export & Import settings catalog profiles between tenants with PowerShell and Graph API Read More »

PowerShell an App Registration & use it for Autopilot Registration

Getting devices registered in autopilot can be a pain if they are already in production. I wrote a post last month about uploading hardware hashes to blob storage (or a network share) and then merging the CSV hashes into a single file for upload. However, I recently discovered the Get-WindowsAutoPilotInfo script can authenticate to your

PowerShell an App Registration & use it for Autopilot Registration Read More »

Protect Company Data on Personal iOS/Android devices using Intune Mobile Application Management (MAM)

When organizations want to secure their company data but still allow employees to use personal mobile devices (Android/iOS), the best option is to use MAM (Mobile Application Management). MAM is accomplished by using an App Protection Policy along with a Conditional Access Policy. You can use MAM in conjunction with MDM, but this post will

Protect Company Data on Personal iOS/Android devices using Intune Mobile Application Management (MAM) Read More »

Use Hyper-V and PowerShell to quickly spin up Windows test machines 

If you are constantly testing Intune and autopilot configurations, you probably use hyper-v on your local PC or have some form of virtualization to help accomplish this. When you’re testing configs for various tenants, its usually quicker to spin up a machines with a unique VM ID & serial number for testing. I tried to

Use Hyper-V and PowerShell to quickly spin up Windows test machines  Read More »

Use device filters for conditional access policies to exclude/include specific devices

If you have a use case to exclude or include certain devices from a conditional access policy, Microsoft gives us the option to “filter for devices” when creating or editing a policy. For example, you can exclude all Dell devices from a policy. In this demonstration, I have a conditional access policy to block sign-ins from

Use device filters for conditional access policies to exclude/include specific devices Read More »

Deploy Shared Network Printers (SMB) with Intune

I just came across this issue and figured I’d make a post about it. Before I begin, I am mostly anti-windows print server. There are cloud print solutions and ways to connect printers via IP port with intune. If you need to deploy printers via IP port to workstations, use Ben Whitmore’s post – https://msendpointmgr.com/2022/01/03/install-network-printers-intune-win32apps-powershell/. I

Deploy Shared Network Printers (SMB) with Intune Read More »

Use Intune to configure Teams QoS for Windows Clients (when you don’t have GPOs)

Businesses are increasingly adopting Teams as their company telephony solution. At the same, many are also ditching on prem Active Directory and turning to Endpoint Manager with Azure AD for device and identity management. In many cases, implementing QoS won’t make a noticeable difference in audio/video performance. However, if the organization has a more complex

Use Intune to configure Teams QoS for Windows Clients (when you don’t have GPOs) Read More »