Intro This post is for autopilot newbies or for anyone who wants a review of manually enrolling devices. In most cases, we try to use scripted automation for existing device enrollment. I have a few posts on some various ways to do this here, here, and here. If you have an RMM and numerous devices […]
Manually register new or existing devices with Autopilot Read More »
A couple months ago I posted how you can upload autopilot hardware hash files directly to blob storage from your target machines – https://smbtothecloud.com/upload-autopilot-hardware-hashes-to-azure-blob-storage/. I wanted to try automating as much of the remaining process as possible and found myself down a rabbit hole. This solution is probably overkill to gather hardware hash files, but
PowerShell + Data Factory + Logic App = Autopilot Hardware Hashes sent to you in Teams Read More »
Creating dynamic (or assigned) groups with the Graph PowerShell module is a very efficient way to make multiple groups in just a few seconds. This can be particularly useful if you work at an MSP where you work with new Intune clients frequently, and have group templates you use for all your tenants. The Graph
Script Group Creation with the Graph PowerShell module Read More »
Intro Several months ago I read a blog about exporting and importing Intune configuration profiles and policies between tenants (Export & Import Intune policies and configuration using Graph API (cloudsecuritea.com). This method worked well and saved a lot of time, but this method doesn’t work for settings catalog profiles. Now that settings catalogs are the
Export & Import settings catalog profiles between tenants with PowerShell and Graph API Read More »
Getting devices registered in autopilot can be a pain if they are already in production. I wrote a post last month about uploading hardware hashes to blob storage (or a network share) and then merging the CSV hashes into a single file for upload. However, I recently discovered the Get-WindowsAutoPilotInfo script can authenticate to your
PowerShell an App Registration & use it for Autopilot Registration Read More »
When organizations want to secure their company data but still allow employees to use personal mobile devices (Android/iOS), the best option is to use MAM (Mobile Application Management). MAM is accomplished by using an App Protection Policy along with a Conditional Access Policy. You can use MAM in conjunction with MDM, but this post will
If you are constantly testing Intune and autopilot configurations, you probably use hyper-v on your local PC or have some form of virtualization to help accomplish this. When you’re testing configs for various tenants, its usually quicker to spin up a machines with a unique VM ID & serial number for testing. I tried to
Use Hyper-V and PowerShell to quickly spin up Windows test machines Read More »
If you have a use case to exclude or include certain devices from a conditional access policy, Microsoft gives us the option to “filter for devices” when creating or editing a policy. For example, you can exclude all Dell devices from a policy. In this demonstration, I have a conditional access policy to block sign-ins from
Use device filters for conditional access policies to exclude/include specific devices Read More »
