Category: Intune

Pop up when pasting into a personal application
Dataprotection
Philip Büchler

Edge Version 81 now supports Windows Information Protection

Introduced a long time ago, Windows Information Protection (WIP) still lives in a niche of configurations that only very few actually use. Which is a shame, as its very powerful and easy(-ish) to configure. You can read everything about it in Microsofts documentation for the feature.  One thing that was

Read More »
Intune
Thomas Kurth

Updated Automatic Intune Documentation Script

Today I had time to improve the Intune Documentation PowerShell Module. This new release brings the following benefits: Bugfix: All ADMX settings are now correctly displayed Assignments of various elements like Scripts, ADMX, Enrollment Status Page and Windows Hello for Business are now documented Section “Enrollment Status Page” renamed to “Enrollment Configuration” because it contains also WHfB, Enrollment Restrictions, ESP, and Enrollment Limits.  Configuration Profiles are now loaded from the Beta Graph API. Therefore, much more types are returned. For example the Domain Join configuration is now part of the documentation. Since

Read More »
Intune
Thomas Kurth

Extended Windows Autopilot Companion App

The last weeks I had time to play a little bit more with Windows Autopilot especially White-Glove and the Companion App example from Microsoft.  First of all, one of the bad things is, that the app is not published to an Store. But I hope I can change that in

Read More »
Intune
Thomas Kurth

Added ADMX backed Policy to Automatic Intune Documentation Script

I just had time to add new objects to the Intune documentation which makes your documentation much more complete. This time I added ADMX backed policies or in the Intune console named Administrative Template Profile. This profile type provides a lot of settings which are not available over OMA-Uri. Therefore,

Read More »
Intune
Thomas Kurth

Configure Windows 10 Auditing with Intune

Windows 10 auditing needs to be configured to comply with the Microsoft Security Baseline. In my opinion this is an important part but completely missed in the Intune UI. But happily there is the Policy CSP which allows us to configure it. The CSP is documented here https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-audit. To simplify

Read More »
Intune
Thomas Kurth

Updated Automatic Intune documentation

The Intune documentation script is now updated and includes the documentation of Application Configurations, PowerShell Scripts and a new documentation design. Additionally, I did various testing’s and fixed some smaller bugs. Download from Github Device Management Scripts / PowerShell Scripts In a Windows 10 deployment the PowerShell Script feature helps

Read More »
Intune
Thomas Kurth

Cleanup duplicated devices in Intune

In nearly every environment I detect duplicated devices which make most of the reports incorrect and it makes it hard for the support staff to find the correct device of a user. This script basically will remove all devices which have another object with the same serialNumber and are not

Read More »
Intune
Thomas Kurth

Extended Intune Documentation Script

Today I had time to extend my Intune Documentations script with new sections and release version 11 on Github. The script now documents the following parts of Intune: Configuration Policies Compliance Policies Device Enrollment Restrictions Terms and Conditions Applications (Only Assigned) Application Protection Policies AutoPilot Configuration Enrollment Page Configuration Apple

Read More »

Automatic environment cleanup with Intune Connector for AD Extender

In today’s environments one of the most important point is to keep them clean and tidy. Otherwise deployment statistics and security related reports are not correct. Therefore it’s important to continuously clean up your environment. In this blog I will cover solution on how to automatically cleanup when you are

Read More »

Extending the Intune Connector for Active Directory

When using Azure AD Hybrid Join with Windows Autopilot the «Intune Connector for Active Directory» is closing the gap between your on-premise Active Directory and Azure AD. It provides the domain join functionalities to your devices. This process works great, but as soon you start using it you have more

Read More »