Microsoft Intune

Use PowerShell to Document Your Intune Tenant

Thomas Kurth has put together a PowerShell script that can be run against an Intune tenant to retrieve information about it. This is useful in cases where you need a quick look at how Intune is configured in various areas. Currently it documents the following: Configuration Policies Compliance Policies Device Enrollment Restrictions Terms and Conditions Applications (Only Assigned) Application Protection Policies AutoPilot Configuration Get it here: Intune Documentation

Managing Windows 10 Devices in Intune Using Administrative Templates

Recently, Microsoft delivered over 2500 administrative templates-based settings for Intune administrators to better managed Windows 10 settings. These settings are very similar to what administrators are used to working with in Active Directory and GPO scenarios – further blurring the line between on-premises and the cloud. To setup and administer Windows 10 devices in Intune using these new benefits… In the portal, go to: Microsoft Intune > Device configuration – Profiles and create a new profile. Give the new profile an applicable name, select Windows 10 as the Platform, and choose Administrative Templates as the Profile Type. Once you click the Create button, you’ll be taken to the properties page of the new profile: Microsoft Intune > Device configuration ...

What to Expect When a Specific WSUS Synchronization Endpoint is Decommissioned on July 8

On Monday, July 8, Microsoft will decommission one of its synchronization servers. Failover to the new architecture is available, but organizations that are still connecting to the old endpoint may experience a slowdown in the initial sync. According to Microsoft… On Monday, July 8th, the WSUS synchronization endpoint fe2.update.microsoft.com will be fully decommissioned and no longer reachable. For WSUS servers that are still configured for the old endpoint, this change should result in a one-time slow sync (typically just a few minutes) as the WSUS server automatically switches to the new endpoint. Although the switch should occur automatically, if you encounter synchronization errors after Monday, see the KB article below for steps to verify if you are affected by the problem and ...

Tip: Windows Autopilot Branding

This repository contains a sample Windows Installer (MSI) definition that can be used to customize Windows 10 devices via Windows Autopilot (although there’s no reason it can’t be used with other deployment processes, e.g. MDT or ConfigMgr). https://github.com/mtniehaus/AutopilotBranding  

What’s Microsoft Working on for Intune? There’s Now a Page for That

Microsoft is in constant motion developing new features for its cloud-based endpoint management solution, Intune. There’s always a list of upcoming features that are under development, but now Microsoft is making that list public and promising to update it monthly. The page to bookmark: In development for Microsoft Intune The RSS feed to follow: RSS Feed Each month, when new public features are released and the What’s New page is updated, Microsoft will also update the In Development page to keep the list updated. Microsoft isn’t using this new page to replace any other communication methods (i.e., through the message center and the roadmap). This is just another avenue for customers to get information to plan for forthcoming features. Microsoft also reserves the right to...

Apple Records Stuck in ConfigMgr After Hybrid Migration to Intune

If you’re a System Center Configuration Manager customer who has opted to do the Hybrid migration of your managed Apple devices, the Apple records have been found to get stuck in the ConfigMgr console – essentially creating duplicate records on-premises and in the cloud. Microsoft is aware of the problem and offers the following solutions until a resolution is developed: If you happen to run into this prior to changing your MDM authority, then kindly delete the DEP records from ConfigMgr. If you’ve already migrated, then you can run the SQL command below on the ConfigMgr database, which will remove the records:     Delete from MDMCorpOwnedDevices where DeviceType=8 and DiscoverySources=4

Tip: Getting Notified of the Features Added Weekly to Microsoft Intune

While System Center Configuration Manager won’t be going away anytime soon due to a large group of on-premises holdouts and old-timers, Intune has become a very viable alternative for many organizations. So, when Enterprises do decide to “cut-the-cord,” Microsoft Intune will be ready. Microsoft continues its steady pace of bolstering its web-based endpoint management technology, Microsoft Intune. Every week there’s new features, modifications, and improvements. To get notified when new features are added, add the following to your favorite RSS reader: https://docs.microsoft.com/api/search/rss?search=%22What%27s+new+in+microsoft+intune%3F+-+Azure%22&locale=en-us The new features won’t display in your RSS reader, but the new page count will increment to let ...

Microsoft Intune, Others, Become Google Certified for Android Enterprise Management

The EMM market has had slow uptake over its initial few years but has really picked up more recently. Google has just announced a new resource for customers using the Android platform to locate the top Enterprise management solutions. The initial list is a solid one, showcasing some of the most known vendors. Google says it will add more over time. Included in the inductees is Microsoft’s Intune alongside BlackBerry, Google Cloud, I3 Systems, IBM, MobileIron, Softbank, SOTI, and VMware. EMM solutions must meet the following conditions: Experience across multiple Android Enterprise management sets Proven ability to deliver advanced security and management features A consistent deployment experience, with admin consoles that simplify set-up of Android Enterprise Documentation and guide...

New Intune Features for December 2018

Microsoft continues its steady improvements for its cloud-based endpoint management solution, Intune. Intune is updated regularly and if you miss a single update you generally miss a lot. Here’s what’s available now from the December 10, 2018 updates. Updates for Application Transport Security Microsoft Intune supports Transport Layer Security (TLS) 1.2+ to provide best-in-class encryption, to ensure Intune is more secure by default, and to align with other Microsoft services such as Microsoft Office 365. In order to meet this requirement, the iOS and macOS company portals will enforce Apple’s updated Application Transport Security (ATS) requirements, which also require TLS 1.2+. ATS is used to enforce stricter security on all app communications over HTTPS. This change im...

Tip: The Living Intune Configuration and Roll-out Guide

Provided as a living document for those that need a guide for configuring and deploying Intune, the Lazy Administrator, Brad Wyatt, has supplied the following online resource: CONFIGURE AND DEPLOY INTUNE MDM    

Tip: Command-Line Parameters for the Microsoft Intune Win32 App Packaging Tool

Use the Microsoft Intune Win32 App Packaging Tool to pre-process Windows Classic apps. The packaging tool converts application installation files into the .intunewin format. The packaging tool also detects the parameters required by Intune to determine the application installation state. After you use this tool on your apps, you will be able to upload and assign the apps in the Microsoft Intune console. Download the latest: Microsoft Intune Win32 App Packaging Tool Command-line options -h – Help -c setup_folder_name – Setup folder for all setup files. All files in this folder will be compressed into .intunewin file. Only the setup files for this app should be in this folder. -s setup_file_name – Setup file (e.g. setup.exe or setup.msi). -o output_file_name – Output ...

Intune Win32 App Packaging Tool Updated to Version 1.3

Use the Microsoft Intune Win32 App Packaging Tool to pre-process Windows Classic apps. The packaging tool converts application installation files into the .intunewin format. The packaging tool also detects the parameters required by Intune to determine the application installation state. After you use this tool on your apps, you will be able to upload and assign the apps in the Microsoft Intune console. Download the latest: Microsoft Intune Win32 App Packaging Tool