Endpoint management has come a long way from the days of manual, on-premises processes. In today’s world where employees work from home, on the road, or in branch offices, IT teams need tools that are not only powerful but also flexible and intelligent. Microsoft’s journey from Configuration Manager (SCCM) to Intune, and now toward AI-driven automation, shows how we can bridge legacy systems with cloud innovation to deliver seamless, secure, and proactive device management.
I currently attend at the MMS Fort Lauderdale conference, where an attendee asked a good question: Is it possible to convert a device group into a user group, and vice versa? The answer is both yes and no. While there’s no out-of-the-box functionality in Intune to achieve this directly, it is possible by leveraging the Microsoft Graph API.
Microsoft Graph” class=”wp-image-7184″ />
You know there are regular changes and updates on the Intune Management Extension (IME). Sometimes it can be the cause of issues, or it is also interesting to see what was changed. To detect these changes I wrote a script which notifies you in case of a change and will let you know what was changed.
I am more than happy to release my new tool the GPT Intune Device Troubleshooter. Wouldn’t it be awesome if you had an assistant to whom you could explain what you want to do in Intune, and they would do the job for you? This dream will now become reality with the GPT Intune Device Troubleshooter.
This post introduces the new and Updated Intune Group Assignment Script. The original was useful but limited; the New version of the Intune Group Assignment Script supports dynamic groups, scope tags, exclusion assignments, and a much cleaner CLI for use in pipelines.
A few months ago I released a script which lists you all assignments of a Microsoft Entra ID group in intune. With this blog post I will release a new version of this script which includes more configuration objects and improves a lot of the code parts.
I have already written a blog about how to send a message using Logic apps to generate a regular device report. After a presentation about automation with Intune and Graph I got good feedback if I can do a variant with Co Managed devices. So I decided to write a V2 of this blog and also update the authentication with Managed Identity. If you are interested in more blogs around the topic of logic apps, let me know and I will be happy to do a deep dive on logic apps.
As you all know I am a very very big fan of automation. The good thing is in almost all Microsoft products there are interfaces to do exactly that. This is also the case for Intune. In one of my last blogs I wrote about how to use PowerShell to automate things in Intune. I also mentioned Azure Automation. In this blog I want to go deeper into the topic and explain how you can use Azure Automation to automate recurring processes.
In the third part of this Intune Suite series, I want to give you more insights into advanced endpoint analytics. I am really happy that Intune has gone in the direction of machine learning and anomaly detection. I blogged about these topics a few months ago, discussing how to analyze Intune data with the help of cognitive service anomaly detection. It’s awesome that Intune now includes this out-of-the-box in the tool. Unfortunately, I can’t test this feature in my own tenant because Endpoint analytics requires at least 10 devices, and this is not possible in my test tenant. However, I will cover all elements of the feature in this blog.
Source: https://learn.microsoft.com/en-us/intune/advanced-analytics/
Read More »
In my second part of the Intune suite series, after covering Remote Help in part 1, I want to talk about Endpoint Privilege Management. This feature is brand new and was released yesterday. Endpoint Privilege Management (EPM) is a powerful feature in Microsoft Intune that allows you to enable users to run as standard users, without administrative rights, while still being able to complete tasks that require elevated privileges. This blog post will guide you through setting up Endpoint Privilege Management in your organization, ensuring users can remain productive without compromising on security.
Keeping track of newly enrolled devices in your organization can be a challenging task when relying solely on the Intune console. Wouldn’t it be awesome to receive a comprehensive report automatically via email? As you know, I love automating things. In this blog post, we’ll explore a simple and efficient way to generate a weekly report for all newly enrolled devices using PowerShell, Azure Automation Runbooks, and Microsoft Graph API. This automated solution will save you time and effort, allowing you to focus on more important tasks in managing your organization’s devices. So, let’s dive in and learn how to create this valuable report!
