If you use Teams as a collaboration tool, you or your clients may have outside businesses they collaborate with. The traditional way to add outside users is to add them as guest users, and then give them permissions to your Teams/Channels. However, what if this is a long term project, you have numerous departments or […]
A quick summary on User/System context for app deployments I see posts about this on Reddit pretty often. Usually the OP is trying to copy a configuration file to the target user’s appdata folder. They run the script manually on a workstation, and it all works fine, but when they try deploying it through Intune,
Intro This post was inspired by a question posted to the Modern Endpoint Management LinkedIn group about syncing/backing up users’ teams backgrounds to OneDrive. I work with Teams a lot, so this was something I was interested in solving. Teams backgrounds are stored in the user’s %appdata% folder. So, the challenge was to sync the
Sync Users’ Teams Backgrounds (or other files) with OneDrive using Intune Read More »
Intune does not have a native way to create scheduled tasks, but we can still deploy them to machines by using a Win32 app. If you don’t have the licensing to use proactive remediations, we can use this as a workaround to get some similar results (but without any native reporting in Intune). So, for
Deploy Scheduled Tasks as Win32 Apps Read More »
Intro This post is for autopilot newbies or for anyone who wants a review of manually enrolling devices. In most cases, we try to use scripted automation for existing device enrollment. I have a few posts on some various ways to do this here, here, and here. If you have an RMM and numerous devices
Manually register new or existing devices with Autopilot Read More »
A couple months ago I posted how you can upload autopilot hardware hash files directly to blob storage from your target machines – https://smbtothecloud.com/upload-autopilot-hardware-hashes-to-azure-blob-storage/. I wanted to try automating as much of the remaining process as possible and found myself down a rabbit hole. This solution is probably overkill to gather hardware hash files, but
PowerShell + Data Factory + Logic App = Autopilot Hardware Hashes sent to you in Teams Read More »
Creating dynamic (or assigned) groups with the Graph PowerShell module is a very efficient way to make multiple groups in just a few seconds. This can be particularly useful if you work at an MSP where you work with new Intune clients frequently, and have group templates you use for all your tenants. The Graph
Script Group Creation with the Graph PowerShell module Read More »
Intro Several months ago I read a blog about exporting and importing Intune configuration profiles and policies between tenants (Export & Import Intune policies and configuration using Graph API (cloudsecuritea.com). This method worked well and saved a lot of time, but this method doesn’t work for settings catalog profiles. Now that settings catalogs are the
Export & Import settings catalog profiles between tenants with PowerShell and Graph API Read More »
Getting devices registered in autopilot can be a pain if they are already in production. I wrote a post last month about uploading hardware hashes to blob storage (or a network share) and then merging the CSV hashes into a single file for upload. However, I recently discovered the Get-WindowsAutoPilotInfo script can authenticate to your
PowerShell an App Registration & use it for Autopilot Registration Read More »
When organizations want to secure their company data but still allow employees to use personal mobile devices (Android/iOS), the best option is to use MAM (Mobile Application Management). MAM is accomplished by using an App Protection Policy along with a Conditional Access Policy. You can use MAM in conjunction with MDM, but this post will