There’s a moment every Intune admin eventually faces. You’ve crafted a beautiful custom policy, deployed it with care, and waited for that sweet green checkmark. But instead, you get… nothing. Or worse, a red...| Mr T-Bone´s Blog
Discover Intune's new Multi-Admin Approval feature for device actions. This guide explains how to set up dual control for Wipe, Retire, and Delete commands. The post Multi-Admin Approval Extends to Device Reset Options in Intune appeared first on Our Cloud Network.| Our Cloud Network
As Rudy Ooms discovered on the Microsoft 365 Message Center, bulletin MC1134168 announced a change coming with the September 2025 cumulative update: You’ll be able to install updates at the end of […]| Out of Office Hours
Deploy the recommended settings for Windows LAPS to your end-user Windows 10 and 11 devices using Microsoft Intune. The post Recommended Settings for Windows LAPS with Intune appeared first on Our Cloud Network.| Our Cloud Network
Let's find out the Best Way to Deploy Powershell Script using Intune. First, we can use Intune to upload the PowerShell scripts and then run the scripts on| How to Manage Devices Community Blog Modern Device Management Guides
Learn how to deploy applications to Microsoft Teams Rooms (MTR) using Microsoft Intune Remediation Scripts. Discover a working workaround when standard app deployment fails on MTR devices.| Thomas Marcussen
I have a customer that uses Intune AutoPatch and wanted to add devices to groups based on domain suffix of the primary user. So I started to add this functionality to my popular script...| Mr T-Bone´s Blog
The latest “what’s new” doc update for Intune includes this tidbit: So now you can restrict ARM64 apps appropriately. Considering how many years ago this was first discussed, it&#…| Out of Office Hours
Microsoft is offering clients an updated Intune Connector for Active Directory and this connector is what Intune will be using starting from Intune 2501. This connector uses Windows Autopilot to deploy devices that are Microsoft Entra hybrid joined. The updated … Continue reading → The post Intune Connector for Active Directory – What To Know About The Latest Security Update appeared first on Thomas Marcussen.| Thomas Marcussen
Learn how to fix Microsoft Intune and Entra ID enrollment issues like error 0x80180014. This guide covers device visibility, orphaned records, and Autopilot troubleshooting for Windows and Microsoft Teams Rooms.| Thomas Marcussen
I have been really irritated with the EU decision to force end users to accept the SSO in Windows. The EU Digital Markets Act (DMA) SSO dialog, commonly referred to as the “Continue to...| Mr T-Bone´s Blog
Autopilot v2, a.k.a. Autopilot device preparation, was announced on May 22, 2024, it wasn’t really done yet. From the original annoucement (highlight added by me): Not sure about what they consider “soon” […]| Out of Office Hours
Organizations need to make full use of the tools that services like Microsoft Defender for Endpoint to minimize the risk of attacks.| Thomas Marcussen
As companies strive to stay ahead in the ever-evolving technological landscape, some have upgraded their domain controllers to Windows Server 2025. While this upgrade brings numerous benefits, it has also introduced a significant problem...| Mr T-Bone´s Blog
I’ve done a few troubleshooting blog posts over the years, and they are easily the most popular on my site. This one in particular is still going strong (#1 post of all time), almost five yea…| Out of Office Hours
Getting devices set up quickly and without difficulty with Windows Autopilot, the Microsoft that provides businesses with that very solution.| Thomas Marcussen
I have finally had some time to have a new look at my script to update primary user for devices in Intune. The previous script had some issues when updating mggraph modules to later...| Mr T-Bone´s Blog
I´m currently working with a multinational company and their device management with Intune. They use delegated administration in Intune based on Scope Tags. In this blog, we’ll explore why scope tags are important, especially... The post Country based Intune Scope Tags with PowerShell or Azure Automation appeared first on Mr T-Bone´s Blog.| Mr T-Bone´s Blog
Imagine you have a list of rules for how your devices should behave. Declared Configuration is like giving your devices a set of instructions and telling them to always follow these rules. Once you...| Mr T-Bone´s Blog
In the ever-evolving landscape of IT management, having real-time insights into the state of your devices is crucial. Microsoft Intune now provides a feature known as Device Query for multiple devices that allows IT...| Mr T-Bone´s Blog
What is Windows Protected Print Mode? Windows Protected Print Mode is a feature introduced in Windows 11 that aims to enhance the security of your printing environment. It uses the modern print stack and...| Mr T-Bone´s Blog
Back when Autopilot v2 was announced, and carried over into the documentation, is a claim: [Windows Autopilot device preparation, a.k.a. Autopilot v2] reduces the time IT spends on deploying device…| Out of Office Hours
Today, we’re diving into the latest and greatest update for Windows 11 Enterprise – Hotpatching! If you’re like me, you’re always looking for ways to keep your systems secure without the hassle of constant...| Mr T-Bone´s Blog
On Ignite, Microsoft introduced an enhanced device inventory feature for Windows devices in Intune, providing IT professionals with more detailed and actionable insights into their device estate. This new capability allows organizations to collect...| Mr T-Bone´s Blog
A while back, I noticed that updates were installing at the end of the Autopilot process, after device ESP had completed and before the user signed in. Per Microsoft’s post, this is now going…| Out of Office Hours
I mentioned in my previous post that I was able to use “Co-management Authority” (a.k.a. “Co-management settings”) to install the ConfigMgr agent and then initiate a task se…| Out of Office Hours
If you missed it this past week, let me first point you to the source: Windows deployment with the next generation of Windows Autopilot So what did this blog tell you? Certainly that there are chan…| Out of Office Hours
The benefits of using Microsoft Intune include access to excellent features, enhanced security, and improved endpoint management| Thomas Marcussen
Phil Wilcock posted a blog last week with details about “non-peerable” content, pointing to Microsoft’s official documentation about what is and isn’t “peerable.”…| Out of Office Hours
In the slow march to its final death, the Microsoft Store for Business (and presumably the Microsoft Store for Education as well) has removed the ability to add, edit, and remove Autopilot devices.…| Out of Office Hours
My first thoughts around Autopilot v2 (a.k.a. Autopilot device preparation) are scattered through a week of posts: Digging into Windows Autopilot v2 Windows Autopilot v2 experience: Some surprises …| Out of Office Hours
One of the things that is not currently included in the APv2 device preparation policy is an option to configure the computer name, so as a result the devices end up being given a random name like …| Out of Office Hours
People have made fun of Microsoft’s progress bars for decades. We’ve all seen examples, e.g. file copies that show days, then minutes, then hours; “updating Windows” message…| Out of Office Hours
On May 1st, Microsoft e-mailed me to congratulate me: Today, the e-mail was to take that away: The basic justification given for that was that the Intune product group was not comfortable sharing N…| Out of Office Hours
Now that my “real” lab tenant has been updated, I can easily try it out. I set up a new unregistered VM, created a new Autopilot device preparation profile that targeted “All user…| Out of Office Hours
Yes, I know the official name is “Windows Autopilot Device Preparation.” But that’s too much of a mouthful and doesn’t really even describe what this is, other than “s…| Out of Office Hours
You’ve probably run into a scenario like this before and never understood why: You assign a new, seemingly harmless policy into a configuration profile in Intune, and now the device reboots a…| Out of Office Hours
I’ve published a bunch of sample Win32 apps for Intune and Autopilot, most of which are just PowerShell scripts bundled into an .intunewin file. For the first few, I posted the step-by-step i…| Out of Office Hours
We’ve all sat and watched the Enrollment Status Page (ESP) during an Autopilot provisioning process — it’s pretty boring overall, showing information that isn’t really usefu…| Out of Office Hours
Back in 2022, I did a post about using the MDM terms of use page (which is almost never actually used since Azure AD now has a better solution as part of conditional access) to prompt for informati…| Out of Office Hours
I’ve been used to the routine: If an app fails to install during Autopilot with ESP monitoring the progress, you don’t find out about it right away. Instead, you would have to wait unti…| Out of Office Hours
If you are doing user-driven Windows Autopilot provisioning in combination with a ConfigMgr task sequence initiated via “Co-management settings” in Intune, you know that the task sequen…| Out of Office Hours
It seems like a simple question, but a complete answer isn’t necessarily simple. We can start off with the documentation: OK, so about every 8 hours. But it’s different right after you …| Out of Office Hours
I noticed a section on the Features in development page that talks about a change coming on April 1st, which is not very far away (and an interesting place to put “we’re going to break …| Out of Office Hours
It started off as a simple change: I was annoyed that the “Observed Timeline” in the output from the Get-AutopilotDiagnosticsCommunity (and the older Get-AutopilotDiagnostics script too…| Out of Office Hours