Create Smart Groups for Wave Deployment of Configurations in Intune

19. February 202327. February 2023 jannikreinhard7 Comments

How do you distribute configuration profile, apps or other configurations in Intune today? In this blog I want to explain and provide a script how you can easily roll out objects in Intune using waves. Here I will help you to create groups defined by you that will pack a specified percentage of your devices into the groups so that you can perform a slow rollout and thus guarantee the quality. The current script describes how you can create device groups. If you are also interested in how to apply this to user groups or how to create a automation for the assignment then let me know.

Get assignments of an device via Powershell

29. January 202321. February 2023 jannikreinhard3 Comments

Via the MEM UI in the device overview you can see all assignments of a certain device. In the service release Service release 2206 even the function to see the group members of a device was included. But if you want to create automations it is helpful to be able to query this information with PowerShell. I have created a script at the request of a user in the community which returns this information to you.

Easy way to analyse MDM Diagnostic data on the client

15. January 202321. February 2023 jannikreinhard1 Comment

In this blog I would like to give you a helpful tool how you can analyze the MDM diagnostic log directly on the client with the help of PowerShell and how you can process the content in a simple way to implement remediations or to build a monitoring. In the following sections I will explain step by step how you can use this script.

Intune DevOps Tools – Move objects from Dev to Prod Tenant

23. October 202223. October 2022 jannikreinhard4 Comments

The more clients are managed in your tenant and the more people have contributor rights in your tenant, the more important it becomes to have good release management processes. In this blog post I would like to introduce you to my Intune CI pipeline that allows you to transfer configurations from one tenant to another. This offers the possibility that only a small number of administrators have access in the Prod tenant and all others create configurations in a Dev tenant and these are then transferred to the Prod tenant via a DevOps pipeline.

Deep dive into the IME Health check

18. September 202218. September 2022 jannikreinhard1 Comment

In one of my last posts we took a closer look at how the Intune Management extension works and even looked behind the scenes directly into the code. In this post I have already mentioned the ClientHealthEval.exe and I would like to take a closer look into this.

How to import custom ADMX/ADML into Intune

19. August 202219. August 2022 jannikreinhard

With the Intune service release 2208 there is a really nice feature that provides the support to import ADMX and ADML templates very easy into MEM. This helps to create configurations for e.g. 3rd party products. How this work I will explain based on a Firefox.

Applicability Rule: Gone but still there

3. July 20222. August 2022 jannikreinhard1 Comment

With the introduction of Assignments filter, the value of Applicability rules has diminished. With Applicability rules you could define on which OS versions a Configuration Profile should work. Unfortunately, the ability to configure or delete applicability rules for some configuration profile types from the console has also been removed. It is to be expected that this can happen piece by piece also for further types. In this blog I want to show you how you can easily remove all applicability rules to switch to filters as soon as possible.

Migrate an AAD User group to a Device group and vice versa

3. July 20222. August 2022 jannikreinhard1 Comment

In your environment you have multiple groups to create assignments of an app or a configuration profile. If you later realize it would be better if this was not a device group but a user group, it is hard to change this without the user having an impact or you have big efforts. I have written a script that you can convert a user group into a device group or a device group into a user group based on the user assigned to a device or based on the devices assigned to the user.

Configuration of Windows Update reboot notifications

18. June 2022 jannikreinhard

In one of my blog posts (Delay Windows Update pending reboot with toast notification) I have already described how to give the user more flexibility in deciding when he wants to reboot his device but still remind him regularly. In this blog I want to explain you how to configure the system notification of Windows Update for business. The reason for this blog is a question in the Microsoft tech community.

How to update Quick assist with Intune

17. June 202218. June 2022 jannikreinhard

Quick assist was a cool windows out of the box tool that can get or provide PC support via a remote connection. Because Quick Assist is a pre-installed app in Windows, it can also be used to provide support during setup via e.g. Autopilot. The experience for the user was really easy. You have to only read out a 6 character code from the client and type in on the quick assist app on the supporter site.

But this will be changed quick assist will not be longer a build-in tool in windows. Microsoft posted on April 27, 2022 in the Windows Insider blog that Quick assist will only be available via the Windows Store in the future and that support for the old client will end. So, if you want to continue using Quick assist in the future, you will have to install it from the Windows Store.

However, there are several problems here. The first problem is that the installation of Quick assist from the Windows Store requires admin rights. This is not always the case in a professionally managed business environment where users also have admin rights on their PC. The second problem is that if you are using Windows LTSC there is no Windows Store to get quick assist from. And user getting a error messages about missing WebView2 runtimes.

How you can solve this problem I will show you today in this blog.