In one of my posts I have explained how you can create and apply assignment filters. It is a very powerful feature to refine the assignment of a group. For example, you can assign a config profile to all devices and apply a filter to deploy the config profile only on Windows 11 devices within the group. To make it easier for you to start with filters I wrote a script which creates a default set of filters.
I have already described in one of my first blogs how you can set up an Intune development environment and enroll Windows devices via Autopilot and manage them. Apart from Windows, you can also manage iOS, Android and MacOS very well with Intune. Apple offers a good interface (MDM Protocol) to manage MacOS devices, unfortunately not all options are supported with Intune. Also in the WWDC22 there was some great new features introduced.
MacOS support was added to Intune back in 2015. At that time, the management of Mac devices was still very limited – something that has changed in the meantime. The number of companies using Mac devices is growing more and more, as is the general market share of macOS compared to Windows. This was around 3% in 2009 and has risen to 15% today (2022). Of course, Windows is still in front, but a trend can be seen.
There are a lot of worthy blogs that deal with the topic MacOS management and Intune:
Just to name a few. Of course there are some great other blogs.
In this blog I want to give you a step by step guide on how to enroll a macOS device in Intune. There will be more blogs in the future with the topic of managing macOS with Intune.
For troubleshooting purposes it is helpful to change the log level of the Intune Management Extension. Since this has to be done in an XML config file of the IME, and inserting a wrong value can affect the function of the IME, I wrote a script which makes the change of the log level easy.
You may have noticed that an Autopilot hash looks a little different every time you create it. In this blog post, I want to show you how to encode an Autopilot hash and display its content.
Read More »
If an Intune device is not enrolled as a shared device or kiosk device, it always has a primary user. This creates a relation between the device and the user. This user is also used to license the device. This user only has the possibility to see this device in the company portal / company portal website and trigger certain self service actions. Also, while troubleshooting, an Intune admin can select this user in the Troubleshooting + support menu in Intune and directly see their devices.
The primary user is automatically added after the enrollment of an Intune managed device. It is possible to change the user to an other or remove this user to switch the device to a shared device.
Read More »
According to the Gartner quadrant published on August 16, Microsoft is by far the leader in the area of unified endpoint management tools. Microsoft Intune has played a major role in achieving this clear ranking. Intune has grown more and more in recent years and has received more and more new functions. According to rumors, we can soon expect support for Chrome OS (source: twitter).
This blog is the first blog of a whole blog series. In this blog series, I want to give you a tour of all the features that Microsoft Intune has to offer.
Read More »
Map a Network Drive with Intune explains how to deliver a network-drive mapping from Microsoft Intune so users receive the correct shared drive without manual setup. The guide focuses on the practical Intune deployment steps, script behavior, and configuration details needed for a reliable network drive rollout.
“Map a network drive with Intune” sounds like a 2009 problem, and yet — between hybrid file shares, M&A onboarding, line-of-business apps that hardcode UNC paths, and users who genuinely prefer drive letters to SharePoint URLs — it shows up in almost every modern endpoint project. Microsoft does not give you a clean GUI option for it, which is why a tiny PowerShell script delivered through Intune is still the most reliable answer. This post shows the exact pattern I deploy in production, including credential handling against on-prem AD, Hybrid Microsoft Entra ID vs Entra-only differences, and how to retire the mapping cleanly when the file share goes away.
In this blog I will show you a very simple way how to map a network drive with Intune.
Read More »
For many users, the centered taskbar in Windows 11 is unfamiliar. To make the transition a bit easier for users, we’ll take a look at whether there’s a way to align the taskbar to the left like in Windows 10.
Read More »
With the Assignment Filter a possibility was added to Intune to make assignments more comfortable. This feature was first available for configuration profiles and then for apps. With the service release 2107 Intune has enabled the assignment filters also for update rings.
What are assignment filters and how can you use them for the update ring assignments I will show you in this blog.
Read More »
Centrally controlling the desktop wallpaper is one of those tiny tasks that produces wildly outsized political conversations in any organization — branding, compliance and end users all have opinions, and Intune gives you several ways to enforce it. This post is the short, opinionated guide I wish I’d had: how to deploy a corporate Windows 10 / 11 background image with Microsoft Intune, when to use the Settings Catalog vs. the older ADMX templates, and how to behave nicely on devices where the user has personalised their wallpaper before enrolment. I’ll also cover the gotchas that don’t appear in docs: image hosting, hi-DPI quirks, and how the policy interacts with Personalization → Background.
With Intune it is very easy to change the background picture of your devices. In this blog I explain how you can do this.
Read More »