Blogs
Introducing: Intune & Entra ID Management Tool
Hi Community, I’m thrilled to announce the launch of the IntuneStuff Management Tool, a powerful Windows desktop GUI built to simplify and enhance how we manage Microsoft Intune devices and Entra ID groups. Some of the features are: ✅ Bulk-device operations with...
How to Set Up Intune Multi-Admin Approval with Ease – and a quirk
HI Community, Another day another blog, this time on Multi-Admin approval in Intune. This is not a new feature but Microsoft recently added some more functionality to it and for the better! In this blog i will give you some information on what it is and does, show you...
Introducing – Windows Backup for Organizations with Intune
Windows Backup for Organizations makes it easier for businesses to handle device upgrades and refreshes. It securely saves user settings and Microsoft Store app configurations so that moving from Windows 10 to Windows 11—or rolling out new AI-powered PCs—feels smooth...
Cloud Kerberos trust with Windows Hello for Business and Intune – Need Hybrid for Drive Mappings? Dual Enrollment…. euh what?
Hi all, This post will be all about Cloud Kerberos trust with Windows Hello for Business with Intune and something called Dual Enrollment.... euh what? Additionally, understanding Cloud Kerberos trust is essential for those navigating modern authentication. And...
How to setup macOS LAPS (Local Administrator Password Solution) with Intune
Hi Community, The first half of the summer holidays is almost history. I decided to write a blog about one of the most anticipated feature releases for macOS: macOS LAPS is finally here. I can already state this from my personal opinion: is it what I wanted? Does it...
Device Query for Multiple Devices – Security Copilot KQL generation
Hi Community, Guess what? Device Query for Multiple Devices is now live, however not on all tenants so it seems. This long awaited feature is an huge step forward and addition to the single device query that has been around for some time now. Check out the Microsoft...
Security Copilot with Entra and Intune: The Ultimate Trio for Cybersecurity (and Maybe World Domination) – Part 2
Hi Community, Welcome to part 2 of my blog series on Security Copilot. If you missed part 1 you can find it here. [visual-link-preview...
Microsoft Security Copilot with Intune & Defender
Security Copilot is a cloud-based AI platform offering a user-friendly natural language Copilot interface. It aids security professionals across various scenarios such as incident response, threat hunting, and intelligence gathering. For a detailed overview of its...
Security Copilot with Entra and Intune: The Ultimate Trio for Cybersecurity (and Maybe World Domination) – Part 1
Hi Community, This time some stuff on Security Copilot. I thought it was about time to write up something on Security Copilot. World domination is not about to happen i guess but you never know. In this blog i hope to show you how powerfull the product is already,...
Security Update – Microsoft Intune Connector for Active Directory
Hi Community, As you might have seen on the socials and on my Linked-In page the Microsoft Intune connector for Active Directory got a security update. The previous version was working with an Intune licensed user with a privileged role. This was a security issue....
Microsoft Intune Autopilot Hybrid Entra ID (Azure AD) Join – The Complete Guide
Hi all, Here is a full guide on Microsoft Intune Autopilot Hybrid Entra ID. I know that Microsoft no longer recommends the use of Hybrid EntraID joined devices as stated in this article: Overview for Windows Autopilot user-driven Microsoft Entra hybrid join in Intune...
TAP (Temporary Access Pass), it’s not a dance… and Web Sign-in
Hi Community, Recently I was asked to setup an Autopilot and Device Preparation infra for a customer. All went fine but after a few weeks the customer came back to me stating that they needed the end user's credentials and MFA to enroll them. Of course i said that...
How to control the installation of the “new” Outlook – Different methods to disable this – And yes we can do this with Intune!
Hi Community, Let's start with a question. Do you like the "new" Outlook? If you are like me and your answer is no then i invite you to read further. The "new" Outlook, according to Microsoft, is a native application, based on WebView2. The experience is provided by...
MacOS Intune Policies – An Easy Guide to Start From
Hi all, Microsoft did some great work on managing MacOS devices with Intune lately. You can almost compare it with the Windows configuration. Some things are still missing but hey, we didn't get all the Windows features overnight. Rome also wasn't build in a day :-)...
Enable Filevault during setup assistant on macOS not working? – It works great, seriously!
Hi Community, Starting from July 2024 there was an issue regarding the enablement of Keyvault during the setup assitant on macOS. You can read the full article here. ...
Intune Assignments User Groups vs Device Groups – A Short Blog
Intune Assignments User Groups vs Device Groups
How to enable insights & Reporting for Conditional Access Policies in report only mode
Many individuals depend on Azure AD Sign-in logs, yet there are valuable additional features to consider for implementation within your tenant. One such feature is the Insights and reporting feature for Conditional Access. This feature allows administrators to analyze...
How to add extension attributes for AAD-Entra ID Devices
Hi, as you might know it is possible for some time now to add extension attributes to you Entra ID joined devices. A few reasons for doing this would be: Using a device filter on a conditional access policy - see this Microsoft article For instance, you might include...
How to set the Home page (and new tab) & Managed Bookmarks in Edge, Chrome and Firefox with intune
Hi guys, here are some guidelines to get your company defined home page, and other tabs in Edge, Chrome and Firefox with Microsoft Intune, also i will describe how to set some managed bookmarks for these browsers. Additionally, utilizing Managed Bookmarks can enhance...
How to download the intunewin file from Intune
In this article, I aim to provide tips on how to download the intunewin file from Intune when the source files are no longer available or have been lost. The MEM portal doesn't include a download button for this file type. Instead, I'll guide you through a simple...
How to get the ID of your Intune Policies
Sometimes you need to lookup the ID of your Intune policies. Let's say you have an issue with a specific policy and you have requested a service request to Microsoft for assistance. The Microsoft technician can ask you for the ID of the failing policy. In this article...
Manage Microsoft Defender Policies with Intune on Servers or Non-Managed Devices
From the standpoint of endpoint security management architecture, this situation addresses the challenge of overseeing security features on devices that are not under direct management. In the case of Intune-managed devices, whether operating solely in the cloud or...
Intune Attack Surface Reduction Rules for Windows Server OS
Your organization's attack surface includes all the places where an attacker could compromise your organization's devices or networks. Reducing your attack surface means protecting your organization's devices and network, which leaves attackers with fewer ways to...
How To Setup Break Glass Account (BGA Account) Notifications on Azure with SMS and email
It is important that you prevent being accidentally locked out of your Microsoft Entra organization because you can't sign in or activate another user's account as an administrator. You can mitigate the impact of accidental lack of administrative access by creating...
How to renew the MDM Push Certificate on Intune for Apple devices
An Apple MDM Push certificate is required to manage iOS/iPadOS and macOS devices in Microsoft Intune, and enables devices to enroll via: Apple bulk enrollment methods, such as the Device Enrollment Program, Apple School Manager, and Apple Configurator. The Intune...
