If you follow my blog, you know that there are two things I really like: helping people with their problems, and automating or simplifying processes. In this blog, I want to introduce you to my new tool, the Intune Device Troubleshooter. This is a PowerShell UI application that will help you to check the status of your devices, as well as support you to trigger remediation scripts to fix issues add-hock on single devices. It also provides you intelligent recommendations what you should check at a single device to determine and possible issue. So let’s get started and look at the features of the tool.
When creating a new app in MEM and not assigning it to AllUser/AllDevices this is always some work to create own group for available/required and uninstall assignments for each app. You know I love automation. To save time and automate this work I will describe in this blog how you can create a runbook that takes this work completely over.
All assignments in Intune are based on Azure AD groups. I think you also already had the problem that you wanted to find out to which Intune Object a certain AAD group in already assigned, but there is no way in the portal to find this out. To solve this problem I have written a script that gives you exactly this output.
Hello everyone, after several months of inactivity I would like to post regularly new content here on my blog. I start here with a topic which I have already blogged last year. This post is about how to restrict who can log on to on windows via Intune. Intune has a cool new feature that allows you to manage the members of local groups. In my previous blog I did this restriction with a configuration profile and put a AAD user into the local group via a custom profile and an OMA-URI. Now Microsoft has added a new CSP that allows you to do this in an much more elegant way. How to use this I explain now in this blog post.
In the previous blogs we have looked at all the features Intune offers for device management, application management, endpoint security and reporting. Now we will look at the User and Groups menu. This blog will be the last blog in this series.
If an Intune device is not enrolled as a shared device or kiosk device, it always has a primary user. This creates a relation between the device and the user. This user is also used to license the device. This user only has the possibility to see this device in the company portal / company portal website and trigger certain self service actions. Also, while troubleshooting, an Intune admin can select this user in the Troubleshooting + support menu in Intune and directly see their devices.
The primary user is automatically added after the the enrollment of an intune managed device. It is possible to change the user to an other or remove this user to switch the device into a shared device.
The launch of Windows 11 is coming and you might want to test configurations or apps on Windows 11 devices right now. But for the testing you need a group in Azure AD. In this blog I want to show you how to create a dynamic group where all Windows 11 devices are grouped. I also want to show you how to create a Device Filter for Windows 11.
In this blog series, I’ll give you a tour through the features that Microsoft Endpoint Manager offers us. In my first blog we looked at the Device Management features. In this blog I want to cover all the features around Application Management. Good apps are one of the foundations of a successful company. With Intune, you can ensure that end users have access to the apps they need to do their jobs.
With the Assignment Filter a possibility was added to intune to make assignments more comfortable. This feature was first available for configuration profiles and then for apps. With the service release 2107 Intune has enabled the assignment filters also for update rings.
What are assignment filters and how can you use them for the update ring assignemnts I will show you in this blog.