User Account Type | Autopilot Deployment Profile | Standard
User Account Type | Autopilot Deployment Profile | Standard | Administrator | MemberShipChanges | AddSIDs | CloudAssignedOobeConfig| Call4Cloud - Intune | MMP-C | WinDC | Autopilot
User Account Type | Autopilot Deployment Profile | Standard | Administrator | MemberShipChanges | AddSIDs | CloudAssignedOobeConfig| Call4Cloud - Intune | MMP-C | WinDC | Autopilot
Hidden Graph Policies are showing new OOBE controls for Autopilot Device Preparation (AP-DP): naming, skip EULA, set device name.| Call4Cloud - Intune | MMP-C | WinDC | Autopilot
Introduction Outbound SSH can be a serious blind spot. Attackers can use SSH tunnels to bypass firewalls, EDR, and even AppLocker — proxying malicious activity without running tools directly on the host. This enables lateral movement and internal compromise. To mitigate this, I block outbound SSH connections and enforce application control on SSH binaries using Microsoft Intune, combining Windows Firewall and AppLocker for layered protection. Why Outbound SSH is Dangerous SSH is often seen ...| imab.dk
Introduction Microsoft is introducing new Microsoft 365 companion apps to Windows 11 devices as part of a broader integration effort. These apps may be [...]| www.imab.dk
In this post, I will show you the process to upgrade to Windows 11 25H2| CloudInfra
This post is about showing you how to setup/configure Remote Help in Intune. Remote help| CloudInfra
In this post, I will show you how to set up Conditional Access for Remote| CloudInfra
This quick start guide on the Remote Help web app covers features of Remote Help| CloudInfra
In this post, I will show you the steps to deploy Remote Help app on| CloudInfra
This post is about learning how to deploy Remote Help app on Windows via Intune.| CloudInfra
In this post, I will show you how to connect dell management portal with Intune.| CloudInfra
This will be a quick post to show you how to fix MDM logs collection| CloudInfra
In this post, I’ll show you how to setup/configure Autopilot Device Preparation in Intune. Windows| CloudInfra
In this post, I’ll demonstrate the steps to deploy Google Chrome on Windows using Intune. Chrome is available in both Personal and Enterprise editions. While| CloudInfra
I’ve gotten the chance to play around with Robopack in my lab environment and wanted to give you the chance to follow along, what were my first impressions and what it can do for you.| Mike's MDM Blog
Microsoft is rolling out Phase 2 of Azure services MFA enforcement starting October 1, 2025. This update requires MFA for all Azure Resource Manager operations. In this article, we dive into what you need to do to comply with the new enforcement requirements. The post Practical Protection: Microsoft Doubles Down on Azure MFA Enforcement appeared first on Practical 365.| Practical 365
Auditing Attack Surface Reduction (ASR) rules can generate overwhelming data. In this blog, we walk through the different ways of verifying the ASR audit results, different types of exclusions, and provide an advanced KQL that surfaces detailed information.| Practical 365
This is a hiring opportunity for a Microsoft Intune Specialist in Long Beach, CA. STAND 8 Technology Consulting is seeking candidates for a Microsoft Intune Specialist in Long Beach, CA. This is an on-site work mode. STAND 8 is a global technology consulting and staffing leader with 15 years of success in the enterprise sector. […]| HTMD Forum
This is a hiring opportunity for a Senior Intune Specialist in Indianapolis, IN. Stefanini Group is seeking candidates for a Senior Intune Specialist| HTMD Forum
I have had the great pleasure of working with a Microsoft 365 Link for more than a week. I must say it is the most and least exiting thing in a long time.Why it is both exiting and not? Because it just delivers! It just works straight off, boots fast to a sign in prompt...| CCMEXEC.COM - Enterprise Mobility
It’s been a while since there was an actual release of the Autopilot Branding script, although there were a few “preview” releases as we worked out kinks in the processes. Things …| Out of Office Hours
This will be a quick post on how to enable Education themes on Windows using| TechPress
In this post, I will show you how to deploy Android studio on macOS with| TechPress
This guide will cover the steps on how to block apps on macOS with Intune.| TechPress
In this post, I will demonstrate the steps to deploy Santa app on macOS using| TechPress
In this post, I will show you how to set macOS device name to serial| TechPress
In this blog post, I’ll demonstrate the steps to setup Multi Admin Approval (MAA) in| TechPress
In this blog post, I will show you the steps to fix error 0x87D13BA2 deploying| TechPress
This post will demonstrate the steps to create custom attributes for macOS using Intune. Custom attributes let you collect the inventory data from Intune| TechPress
In this post, I’ll show you how to enable auto updates in Google Chrome using Intune. Chrome updates itself by default, but you can enforce this setting with| CloudInfra
In this blog post, I will cover the steps to remove security tab from file explorer on Windows devices. When you right-click on any folder, file, shortcut, or| CloudInfra
Let's Discuss Troubleshooting the Intune Device Limit Issue on macOS. As you all know that sometimes macOS Device Enrollment enrolling a macOS device| How to Manage Devices Community Blog Modern Device Management Guides
This is a hiring opportunity for an Intune Architect in Downey, CA. JRD System is seeking candidates for an Intune Architect in Downey, CA . This is a Hybrid| HTMD Forum
Some supporting software from hardware vendors prompts the end users to install when as supported hardware is connected to the device. An example is Dell Display and Peripheral Manager. Which prompts the end user to launch an installer that in turn requires the end user to be local admin or the installation fails. It could...| CCMEXEC.COM - Enterprise Mobility
From my last blogpost, I showcased how to setup Microsoft Connected Cache (MCC) for Enterprise on both Windows and Linux. There I suggested folks go with the Linux solution and that’s the assumption I’ve made for this blogpost. So why bother with the complexity of configuring HTTPS? There’re three strong arguments: Source It’s also a […] The post Microsoft Connected Cache for Enterprise and Education – HTTPS appeared first on Mindcore Techblog.| Mindcore Techblog
Exciting News! New 3 Top Features Included in Windows Autopatch. In 2024, Windows Autopatch offers new features that promise efficiency, precision, and| How to Manage Devices Community Blog Modern Device Management Guides
MAA | Microsoft Azure Attestation | HealthAttestationClientAgent | AttestAzure | SRTM_resume_log | AIK | Intune | request is invalid| Call4Cloud - Intune | MMP-C | WinDC | Autopilot
The new Install Windows Updates option in Autopilot ESP controls whether Windows quality updates run during OOBE. Find out how it works| Call4Cloud - Intune | MMP-C | WinDC | Autopilot
Let's discuss how to Track Windows Devices with Compliance Grace Period Ending Before a Set Date in Intune Security Copilot. A Compliance Grace Period is the| How to Manage Devices Community Blog Modern Device Management Guides
Intune Endpoint Privilege Management got more and more features in the last months (child process behavior, argument support, etc.), converting it from a relatively basic EPM solution to a competitive product. However even with all that improvements, there are still a few things that are not as intuitive as they could be, so I wanted to show you a few tips and tricks from the field, showing you how you can solve some of the more complex scenarios| Mike's MDM Blog
Many SMBs and MSPs are now migrating their devices to Intune management and why not, M365 Business Premium is tremendous value for money and it removes the requirement for on-site hardware to maintain. I’m not going to run through and entire end-to-end configuration for a new tenant in this post, but instead flag up some ... Read more| Andrew Taylor
Something that flew under my radar this summer was the release of Microsoft Connected Cache for Enterprise and Education. Originally, Configuration Manager (SCCM) had a Connected Cache functionality through its Distribution Points. This is something I’ve successfully deployed before and actually works great by caching content on-premises so clients can benefit from Delivery Optimization features […] The post Microsoft Connected Cache for Enterprise and Education – Deployment guide appea...| Mindcore Techblog
Objective In this article I will walk you through installing progressive web app’s, or PWA’s to endpoint machines using either PowerShell or Microsoft Intune. You may want to do this for users with frontline licenses that grant them web apps but not full desktop application's. What are Progressive Web Applications? Progressive Web Apps (PWAs) are| The Lazy Administrator
Virtual Account | LogonUserExExW | logon32_provider_virtual | lsamanagesidnamemapping | EPM | s-1-5-110 | Domain | MEM | advapi32.dll| Call4Cloud - Intune | MMP-C | WinDC | Autopilot
A new Elevation Account option is added to EPM Elevation Rules. It aims to fix virtual account issues such as missing access to user profiles| Call4Cloud - Intune | MMP-C | WinDC | Autopilot
Introduction Windows Protected Print (WPP) is a new feature in Windows 11 24H2 designed to enhance print security by addressing vulnerabilities such as [...]| www.imab.dk
As Rudy Ooms discovered on the Microsoft 365 Message Center, bulletin MC1134168 announced a change coming with the September 2025 cumulative update: You’ll be able to install updates at the end of […]| Out of Office Hours
Let's discuss how to Disable Automatic Media Playback for Websites Policy in MS Edge Browser using Intune. The media autoplay policy controls| How to Manage Devices Community Blog Modern Device Management Guides
With the GA of the Microsoft Connected Cache for Enterprise it now also supports HTTPS Content, which allows it to also support Teams and future Intune Content which will move from HTTP to HTTPs. In this part, I will show you how you can enable HTTPS support for your Connected Cache Nodes. It is not […]| Mike's MDM Blog
Around two weeks ago, Microsoft announced the Connected Cache for Enterprise is now finally generally available: Microsoft Connected Cache is now generally available – Windows IT Pro Blog In Part 1 I will cover how you can migrate your preview nodes to GA.| Mike's MDM Blog
This is a Hiring Opportunity for a Microsoft Intune Mobile Device Support Engineer in Bakersfield, CA. Smart IT Frame is seeking candidates for a Microsoft Intune Mobile Device Support Engineer in Bakersfield, CA. This is an on-site work mode. Smart IT Frame is a certified IT solutions company, started in 2012 and based in Somerset, […]| HTMD Forum
This is a Hiring Opportunity for an Intune Engineer in Miami, FL. Venon Solution is seeking candidates for an Intune Engineer position in Miami, FL. This is a| HTMD Forum
Now it's time to look into Intune Filters for Azure Virtual Desktop VMs. Let's learn about creating AVD Intune Filters to Target Apps Policies Only to Windows| How to Manage Devices Community Blog Modern Device Management Guides
In this post, you will learn more about collecting Intune logs using the Intune Admin portal. This is helpful to collect Intune logs from Windows 10 and| How to Manage Devices Community Blog Modern Device Management Guides
Let's quickly check the list of security baselines settings for Cloud PC (Windows 365 service). Microsoft Endpoint manager (a.k.a Intune) provides an out of| How to Manage Devices Community Blog Modern Device Management Guides
Let's learn to Upgrade to Windows 11 using Intune Feature Update Deployment Policy. This is the only policy that upgrades Intune managed Windows 10 PCs into| How to Manage Devices Community Blog Modern Device Management Guides
In this post, you will how to create Windows 11 filter Rule in Intune. Let's quickly look into possibilities of building Intune filter rule for Windows 11| How to Manage Devices Community Blog Modern Device Management Guides
Let's learn how you can enable Windows Autopilot Diagnostics Page. By enabling the Windows Autopilot Diagnostics Page, IT administrators can have a better| How to Manage Devices Community Blog Modern Device Management Guides
In the post, You will see the details about the option that allows you to duplicate Intune RBAC roles. You can easily copy an existing role that will be| How to Manage Devices Community Blog Modern Device Management Guides
Let's learn the Enable Optimized Performance of Edge Browser for Windows 11 using Intune or Group Policies. Nowadays, everything is online, so it's essential| How to Manage Devices Community Blog Modern Device Management Guides
Let's check the details of how Intune Endpoint Privilege Management works in Windows. Endpoint Privilege Management will allow you to set rules and parameters| How to Manage Devices Community Blog Modern Device Management Guides
In this post, let's learn about the Audit Policies for Windows 11 and their configuration using GPO or Intune. The Audit policies provide better security for| How to Manage Devices Community Blog Modern Device Management Guides
You can easily export the Intune device compliance policies from Intune portal, aka Endpoint Manager. Intune Compliance Policy is to help to protect company| How to Manage Devices Community Blog Modern Device Management Guides
Microsoft silently started rolling out Intune Support for Linux capabilities with Microsoft Intune. Several users reported this on Twitter. The first report| How to Manage Devices Community Blog Modern Device Management Guides
In this post, we will check about Intune monthly released new features in Microsoft Intune Service Release 2211 November Update. Microsoft releases| How to Manage Devices Community Blog Modern Device Management Guides
Intune Chrome OS support is already available in Microsoft Intune. The Power Automate integration is coming soon. Chrome Devices must be enrolled before you| How to Manage Devices Community Blog Modern Device Management Guides
I wanted to automate the minimum version for a MacOS compliance policy in Microsoft Intune. There were a couple of requirements: The Script To fulfill the first requirement I searched for a reputable source. Of course, I ended up on reddit. Just kidding of course. But! Reddit lead me to reputable source. Turns out Apple ... Read more The post Automate MacOS version compliance appeared first on NielsKok.Tech.| NielsKok.Tech
Let's discuss Allow Users to Choose Merging or Keeping Both Copies during Office File Sync Conflicts using Intune. As you all know, Microsoft Intune is a| How to Manage Devices Community Blog Modern Device Management Guides
A while ago, I took a look at what Security Copilot could do for you in Intune and how you can set it up, while it still was in public preview: Getting started with Intune Copilot – Mike’s MDM Blog| Mike's MDM Blog
I have been fortunate enough to have been running Microsoft Security Copilot along with the new “Explorer” functionality for a while now so thought I would put it to the test to see how much of my everyday tasks as an Intune admin it can help me with.| Andrew Taylor
This is a Hiring an Intune Engineer in Quincy, MA Rose International is seeking candidates for an Intune Engineer position in Quincy, MA. This is a Hybrid work mode. Rose International is a nationwide leader in Staffing and Total Talent Solutions, founded in 1993 and operating across the United States. With offices throughout the country, the […]| HTMD Forum
Intune or Autopilot Administrator On-Site Role in the United States! This is a hiring Opportunity for an Intune/ Autopilot Administrator in Chicago, IL.| HTMD Forum
Let's learn how to deploy Start Menu Taskbar custom layout settings using Intune. This is a quick post to help you to learn more about Intune device| How to Manage Devices Community Blog Modern Device Management Guides
Let's learn to create Windows 11 Azure AD Device Group. You will have to get ready with Windows 11 PCs sooner than later. One of the things you can start with| How to Manage Devices Community Blog Modern Device Management Guides
In this guide, I will walk you through the steps to disable Folder Options in File Explorer using Intune. I will test the policy on Windows 11 devices, and I| CloudInfra
In this blog post, I will show you Intune policies to configure UAC (User account control) using Intune. User Account Control (UAC) is a security feature in| CloudInfra
I was at an event presenting and Someone in the crowd said: "You can also built a script to import your Applocker policy in Microsoft Intune"| NielsKok.Tech
In one of the last service releases Intune got a long-awaited addition to the Win32 App requirement rules, it now supports selecting ARM64 as an architecture.| Mike's MDM Blog
Remember when Windows used to be a dependable and straight-to-the-point operating system? Well, it still is pretty dependable, but if the system requirements of Windows 11 tell us something, it’s that Windows has become quite big. This is somewhat to be expected, as there are lots more new and advanced technologies in Windows 11 than […]| NTDEV
The latest “what’s new” doc update for Intune includes this tidbit: So now you can restrict ARM64 apps appropriately. Considering how many years ago this was first discussed, it&#…| Out of Office Hours
Microsoft is offering clients an updated Intune Connector for Active Directory and this connector is what Intune will be using starting from Intune 2501. This connector uses Windows Autopilot to deploy devices that are Microsoft Entra hybrid joined. The updated … Continue reading → The post Intune Connector for Active Directory – What To Know About The Latest Security Update appeared first on Thomas Marcussen.| Thomas Marcussen
Did you know, you can use Autopilot device preparation to add applications to your Windows 365 Frontline shared machines before your user has the chance to connect? With this relatively new feature, it gets even easier to prepare your W365 Frontline Shared CloudPCs, no need to create a custom windows image anymore, just to get your LOB Apps preinstalled on your machines.| Mike's MDM Blog
Troubleshooting unexpected reboots when using Windows Autopilot can be challenging for sure. This post is a quick tip around how the Event ID 2800 in the DeviceManagement-Enterprise-Diagnostics-Provider should be used. During our session on troubleshooting the modern managed device at MMS in Minneapolis we got this question a couple of times, this post will explain...| CCMEXEC.COM - Enterprise Mobility
This is my latest training exercise, building configuration drift control for Microsoft Intune with PowerShell and the pester module.| NielsKok.Tech
Version 3.1.0 is now available with a variety of fixed based on customer feedback. See the release information for more details: https://github.com/mtniehaus/AutopilotBranding/releases/tag/3.1.0 Note that this version doesn’t use IntuneWinAppUtil.exe directly. Instead, the […]| Out of Office Hours
Autopilot v2, a.k.a. Autopilot device preparation, was announced on May 22, 2024, it wasn’t really done yet. From the original annoucement (highlight added by me): Not sure about what they consider “soon” […]| Out of Office Hours
In my previous post about pre-provisioning, I showed three apps (MDT, Office, and PowerToys) that I was installing as part of a task sequence. What I didn’t show was the details for […]| Out of Office Hours
Over a year ago when Autopilot v2 (a.k.a. device preparation) was announced, one of the missing features was pre-provisioning (formerly “white glove provisioning”). Maybe one of these days it will finally emerge. […]| Out of Office Hours
When Microsoft announced Autopilot v2 (a.k.a. Autopilot device provisioning), they mentioned: Hybrid AD join is no longer recommended for use with Autopilot deployments. Autopilot device preparation profiles do not support Hybrid AD […]| Out of Office Hours
Windows Autopatch Groups allows for easy staged rollouts of Windows Updates, Driver and Firmware updates and Office updates. You can create your deployment rings in your Autopatch Group dynamically or static assigned to a group of your choice:| Mike's MDM Blog
In service release 2504 of Intune new settings is added to the Windows 11 24H2 Security Baseline. However, they are not released as a new version of the baseline but added when you either create a new policy or edit an existing policy. In this post we will look at the experience upgrading and adding...| CCMEXEC.COM - Enterprise Mobility
Learn how to deploy ARM64 applications with Microsoft Intune and optimize your environment for Windows 11 on ARM64 devices.| Coding Stephan
After a recent Reddit thread and some queries around it at the MEM Summit in Paris, I felt it might be a good idea to get this in writing rather than just word of mouth.| Andrew Taylor
The title says it all — well, not quite because the full description is more involved and nuanced. This post on LinkedIn from Sameer Agarwal, an Intune engineer at Microsoft, explains more: […]| Out of Office Hours
In preparation for an MMSMOA 2025 session where I am talking about the Autopilot Branding package (among other things), I figured it was a good time to look through the feedback, issues, […]| Out of Office Hours
When you initially sign into Windows, by default you’ll see the “pulsing color” screen as first-time “things” are done in the background: You can disable that “first sign-in animation” via GPO, MDM […]| Out of Office Hours
I’ve done a few troubleshooting blog posts over the years, and they are easily the most popular on my site. This one in particular is still going strong (#1 post of all time), almost five yea…| Out of Office Hours
In this post, we will cover the Cloud PC Windows 365 FAQs (frequently asked questions). Some of the questions are generic and related to W365 and the Cloud PC| How to Manage Devices Community Blog Modern Device Management Guides
Let's check to understand Intune logs for Windows 10 and Windows 11 PCs. Intune is a SaaS (software as a service) solution, and I have not seen any Intune| How to Manage Devices Community Blog Modern Device Management Guides
In this post, we will how to deploy Windows 365 security baseline policies to Cloud PCs. It's great news that Microsoft already created baseline security| How to Manage Devices Community Blog Modern Device Management Guides
