Remove Any Installed Version of Microsoft Office When Deploying M365 Desktop Apps

/ / Intune

Deploying the Microsoft Office 365 desktop apps has become an easy task with Intune. This is especially true for environments where all machines are being replaced or wiped, and enrolled via Autopilot. However, not everything can be that easy. What if you encounter an environment with hundreds or thousands of PCs with various versions of […]

Remove Any Installed Version of Microsoft Office When Deploying M365 Desktop Apps Read More »

Removing Windows Hello (WHfB) as a sign-in method when it’s already configured on devices

/ / Intune, Windows

I’ll start this post by saying I do not endorse disabling Windows Hello for Business. There are big benefits to using WHfB, and I recommend using it. But, different organizations have different desires. So, this post will describe how to remove Windows Hello as an authentication method on workstations. To clarify – how to remove

Removing Windows Hello (WHfB) as a sign-in method when it’s already configured on devices Read More »

Hybrid Device Join – What Happens Behind the Scenes

/ / Azure, Windows

I recently had a situation I hadn’t encountered before while moving a client to Hybrid Device Join + Intune (or Entra ID Join, HAADJ, EIDJ, or whatever you want to call it these days). This involved both firewall settings and configuration manager blocking device registration (see Ben’s post here for more on that Co-management Series

Hybrid Device Join – What Happens Behind the Scenes Read More »

Deploy Organizational Teams Backgrounds without Teams Premium licenses – Azure Storage Account + Intune Remediations

/ / Azure, Intune, Teams

***A new post covering how to do this for New Teams is available here – Deploy Custom Backgrounds to New Teams with Remediations – SMBtotheCloud A client recently wanted to deploy organizational backgrounds to all Teams users. However, this is now a Teams Premium feature, which is an additional cost per user per month (Custom

Deploy Organizational Teams Backgrounds without Teams Premium licenses – Azure Storage Account + Intune Remediations Read More »

Dynamically add Device Extension Attributes using Remediations

/ / Azure, Intune, Windows

Intro Every couple of weeks I see a Reddit post or question asking about device group memberships or filters for certain properties that Azure AD doesn’t natively contain. One common request is making a dynamic group for all desktops or all laptops. There may be other specific properties about your devices that Azure AD doesn’t

Dynamically add Device Extension Attributes using Remediations Read More »

Testing Conditional Access for Workload Identities

/ / Azure, Intune

Conditional Access is constantly evolving and adding new features. One of the newer features is conditional access for workload identities. This allows us to secure service principals for our app registrations. At the moment, this is limited to two conditions – service principal risk and/or Locations. Personally, I’d like to see grant controls for compliant

Testing Conditional Access for Workload Identities Read More »

Set desktop & lock screen background on Windows 10 Pro using Intune

/ / Intune

Updated 5/24/2023 – New Custom Detection Script to update your images without updating your Win32 App I recently had a client come to me asking about setting the wallpaper and lock screen, which is a fairly simple task by following the original post content under this section. However, they had several business units where they

Set desktop & lock screen background on Windows 10 Pro using Intune Read More »