Create Smart Groups for Wave Deployment of Configurations in Intune

19. February 202327. February 2023 jannikreinhard13 Comments

How do you distribute configuration profile, apps or other configurations in Intune today? In this blog I want to explain and provide a script how you can easily roll out objects in Intune using waves. Here I will help you to create groups defined by you that will pack a specified percentage of your devices into the groups so that you can perform a slow rollout and thus guarantee the quality. The current script describes how you can create device groups. If you are also interested in how to apply this to user groups or how to create a automation for the assignment then let me know.

Introduction of the Intune Device Troubleshooter

31. July 20227. August 2022 jannikreinhard11 Comments

If you follow my blog, you know that there are two things I really like: helping people with their problems, and automating or simplifying processes. In this blog, I want to introduce you to my new tool, the Intune Device Troubleshooter. This is a PowerShell UI application that will help you to check the status of your devices, as well as support you to trigger remediation scripts to fix issues add-hock on single devices. It also provides you intelligent recommendations what you should check at a single device to determine and possible issue. So let’s get started and look at the features of the tool.

Automatically create assignment groups when a app is created

21. July 202221. July 2022 jannikreinhard1 Comment

When creating a new app in MEM and not assigning it to AllUser/AllDevices this is always some work to create own group for available/required and uninstall assignments for each app. You know I love automation. To save time and automate this work I will describe in this blog how you can create a runbook that takes this work completely over.

List all Intune assignments of an Azure AD Group

12. June 20222. August 2022 jannikreinhard5 Comments

All assignments in Intune are based on Azure AD groups. I think you also already had the problem that you wanted to find out to which Intune Object a certain AAD group in already assigned, but there is no way in the portal to find this out. To solve this problem I have written a script that gives you exactly this output.

How to restrict the login to dedicated users with intune – Part 2

22. May 202222. May 2022 jannikreinhard

Hello everyone, after several months of inactivity I would like to post regularly new content here on my blog. I start here with a topic which I have already blogged last year. This post is about how to restrict who can log on to on windows via Intune. Intune has a cool new feature that allows you to manage the members of local groups. In my previous blog I did this restriction with a configuration profile and put a AAD user into the local group via a custom profile and an OMA-URI. Now Microsoft has added a new CSP that allows you to do this in an much more elegant way. How to use this I explain now in this blog post.

The ultimate MEM tour part 5 – User and Groups

10. October 202110. October 2021 jannikreinhard4 Comments

In the previous blogs we have looked at all the features Intune offers for device management, application management, endpoint security and reporting. Now we will look at the User and Groups menu. This blog will be the last blog in this series.

Remove the primary user from Intune devices with powershell (Switch to shared device)

9. October 202113. March 2023 jannikreinhard11 Comments

If an Intune device is not enrolled as a shared device or kiosk device, it always has a primary user. This creates a relation between the device and the user. This user is also used to license the device. This user only has the possibility to see this device in the company portal / company portal website and trigger certain self service actions. Also, while troubleshooting, an Intune admin can select this user in the Troubleshooting + support menu in Intune and directly see their devices.

The primary user is automatically added after the the enrollment of an intune managed device. It is possible to change the user to an other or remove this user to switch the device into a shared device.

Add Azure AD user and group into a local group

25. September 202125. September 2021 jannikreinhard

In this blog we will look at how you can add an azure ad groups or users to a local group using Intune and custom profiles.

Group Windows 11 Devices with Intune

21. September 202121. September 2021 jannikreinhard

The launch of Windows 11 is coming and you might want to test configurations or apps on Windows 11 devices right now. But for the testing you need a group in Azure AD. In this blog I want to show you how to create a dynamic group where all Windows 11 devices are grouped. I also want to show you how to create a Device Filter for Windows 11.

The ultimate MEM tour part 2 – Applications

19. September 202110. October 2021 jannikreinhard4 Comments

In this blog series, I’ll give you a tour through the features that Microsoft Endpoint Manager offers us. In my first blog we looked at the Device Management features. In this blog I want to cover all the features around Application Management. Good apps are one of the foundations of a successful company. With Intune, you can ensure that end users have access to the apps they need to do their jobs.