Creating dynamic (or assigned) groups with the Graph PowerShell module is a very efficient way to make multiple groups in just a few seconds. This can be particularly useful if you work at an MSP where you work with new Intune clients frequently, and have group templates you use for all your tenants. The Graph […]
Script Group Creation with the Graph PowerShell module Read More »
Intro Several months ago I read a blog about exporting and importing Intune configuration profiles and policies between tenants (Export & Import Intune policies and configuration using Graph API (cloudsecuritea.com). This method worked well and saved a lot of time, but this method doesn’t work for settings catalog profiles. Now that settings catalogs are the
Export & Import settings catalog profiles between tenants with PowerShell and Graph API Read More »
Getting devices registered in autopilot can be a pain if they are already in production. I wrote a post last month about uploading hardware hashes to blob storage (or a network share) and then merging the CSV hashes into a single file for upload. However, I recently discovered the Get-WindowsAutoPilotInfo script can authenticate to your
PowerShell an App Registration & use it for Autopilot Registration Read More »
When organizations want to secure their company data but still allow employees to use personal mobile devices (Android/iOS), the best option is to use MAM (Mobile Application Management). MAM is accomplished by using an App Protection Policy along with a Conditional Access Policy. You can use MAM in conjunction with MDM, but this post will
If you are constantly testing Intune and autopilot configurations, you probably use hyper-v on your local PC or have some form of virtualization to help accomplish this. When you’re testing configs for various tenants, its usually quicker to spin up a machines with a unique VM ID & serial number for testing. I tried to
Use Hyper-V and PowerShell to quickly spin up Windows test machines Read More »
If you have a use case to exclude or include certain devices from a conditional access policy, Microsoft gives us the option to “filter for devices” when creating or editing a policy. For example, you can exclude all Dell devices from a policy. In this demonstration, I have a conditional access policy to block sign-ins from
Use device filters for conditional access policies to exclude/include specific devices Read More »
I just came across this issue and figured I’d make a post about it. Before I begin, I am mostly anti-windows print server. There are cloud print solutions and ways to connect printers via IP port with intune. If you need to deploy printers via IP port to workstations, use Ben Whitmore’s post – https://msendpointmgr.com/2022/01/03/install-network-printers-intune-win32apps-powershell/. I
Deploy Shared Network Printers (SMB) with Intune Read More »
Businesses are increasingly adopting Teams as their company telephony solution. At the same, many are also ditching on prem Active Directory and turning to Endpoint Manager with Azure AD for device and identity management. In many cases, implementing QoS won’t make a noticeable difference in audio/video performance. However, if the organization has a more complex
Use Intune to configure Teams QoS for Windows Clients (when you don’t have GPOs) Read More »
