Over the last few weeks, several posts have been made about the release of the Windows 11 24H2 security baselines. If you’re unfamiliar with security baselines, they’re a pre-configured set of security settings based on Microsoft’s best security practices. Applying all security baseline settings, especially in an existing environment, can cause chaos and problems for […]
Import all 24H2 Security Baseline Policies with a Script Read More »
Several weeks ago, I wrote a script and blog to bulk export Intune policies. That blog can be found here. What started as trying to export/import settings catalog policies in bulk evolved into more, and I added to the script to do more than just settings catalog policies. This is useful for people who often
Bulk Import Intune Policies and Configurations Read More »
There’s no shortage of posts regarding updating the background and lock screen images for your endpoints. The question that usually comes up is how to do this on Windows 10/11 Pro. This is because the Intune device restriction policy makes adding background/lock screen images easy, but it’s only compatible with Windows Enterprise/Edu SKUs. If that
Auto Rotate Background & Lock Screen Images with AZ Automation + Graph API Read More »
I do a lot of testing for clients and prospects with Azure, Intune, and Autopilot. Although I do the vast majority of my testing using Hyper-V VMs (I made a post about this here for quickly provisioning machines – Use Hyper-V and PowerShell to quickly spin up Windows test machines – SMBtotheCloud), sometimes there is
Identify where a Self-Deploying Autopilot device is registered Read More »
If you work at an MSP or regularly configure Intune for other organizations, you probably configure many of the same policies/profiles several times a month. The ability to bulk export & import your standard configuration policies will help make your deployments more efficient and standardized. This post describes some methods to export your policies, and
Bulk Exporting Intune Policies Read More »
I recently inherited an existing Hybrid-Join Intune tenant and had a unique situation where I needed to use Azure to test Autopilot. Since this was a new client and an environment I was not familiar with, I needed to put my disdain for hybrid-join aside and help determine if Hybrid-Join Autopilot was still functioning. Yes,
Using Azure VMs for Autopilot Testing Read More »
Last year, I wrote a post on deploying the SentinelOne agent for Windows using Intune (Deploy SentinelOne with Intune – SMBtotheCloud). Since then, several people have contacted me asking if I could write a post on how to do this for macOS. So, a few months ago, I picked up a used MacBook to start
Deploy SentinelOne for macOS with Intune Read More »
If you or your customers use Perch SIEM, you probably have (or started with) Hybrid or AD joined devices with a GPO configured to configure the Audit logging on the endpoints and deploy the log shipper with Intune. As you transition the endpoints to Entra Join, you’ll need to deploy the audit settings and app
Deploy Perch Workstation Audit settings and Log Shipper Agent with Intune Read More »
