Using PowerShell to create Windows 10 Customer Device Policy from the output of Endpoint Manager Group Policy Analytics

In 2020 Microsoft released the Endpoint Manager Group Policy Analytics (still in Preview). This can be very useful to determine your level of modern management support. At this point Group Policy analytics only provides you with the MDM Supported values in CSP mappings and do not provide any further options to create the policies. As … Continue reading Using PowerShell to create Windows 10 Customer Device Policy from the output of Endpoint Manager Group Policy Analytics

Setup Apple Business Manager for automatic user provisioning

In this blog we will look at the steps required to setup automatic user provisioning. You can refer to this blog on the steps required to setup Apple Business Manager: Setup Apple Business Manager in Intune – Azure Cloud & AI Domain Blog (azurecloudai.blog) Prerequisites Before we get started we need to make sure we … Continue reading Setup Apple Business Manager for automatic user provisioning

Setup Apple Business Manager in Intune

In this blog we will look at how to enroll and configure Apple Business Manager in Intune to manage your corporate owned devices and allow for bulk enrollment. Note. Apple Business Manager is only available in selected countries, please verify that your country is available for enrollment into this program. Availability of Apple programs and … Continue reading Setup Apple Business Manager in Intune

Microsoft Intune CSP for Google Chrome DISA STIG

Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS), deeply involved in a project to configure Intune for managing AADJ laptops with a Federal customer’s use. Been working a lot lately with 'hardening' the laptops following DISA STIGs. As a result I've developed a few Intune CSPs and security baselines to … Continue reading Microsoft Intune CSP for Google Chrome DISA STIG

Set up iOS/iPadOS device enrollment with Apple Configurator

Scenario Setting up device enrollment with Apple Configurator, organizations can ensure that their company owned devices can be managed with additional features (Supervised Mode) and will also avoid activation lock of these devices when reallocated. What is Supervised mode? Apple iOS/iPadOS supervised mode gives administrators more options when managing Apple devices, making it useful for … Continue reading Set up iOS/iPadOS device enrollment with Apple Configurator

How to Connect the New Intune Devices Log to Azure Sentinel

I've updated my original instructions on Connecting Intune to Azure Sentinel due to a recent log addition for Intune. Use those instructions for the complete steps to enabling Azure Sentinel to monitor Intune activity. A new log type has shown up recently. The new log type is Devices and the table name created is IntuneDevices … Continue reading How to Connect the New Intune Devices Log to Azure Sentinel

Setting up an Android Emulator for testing Intune features on Apple macOS

Overview In September 2020 Vikash Sivanath wrote a blog on Setting up an Android Emulator for testing Intune features that focused on how to get it setup on a Windows platform. In this blog we will look at setting it up on Apple macOS. Installation Download the Android Studio software from Android’s developer site by … Continue reading Setting up an Android Emulator for testing Intune features on Apple macOS

How to configure Desktop Analytics and more…

The purpose of this article is not only to do a Step by Step guide on how to setup Desktop analytics but also to add extra information that can be used for troubleshooting. Have a look at the Config Confirmation areas that follow each section. Configuration Manager Prerequisites Configuration Manager, version 1902 with update rollup … Continue reading How to configure Desktop Analytics and more…

Intune – Query Azure AD Bitlocker Keys using Graph API

The Issue If you have recently started using the BitLocker Encryption options out of Intune whether its device configuration or the endpoint protection encryption portion you will see there are many great reports like the encryption below. The problem is its quite hard to see if your machines have backed up their keys to Azure … Continue reading Intune – Query Azure AD Bitlocker Keys using Graph API

Intune – “Conditional Access, Terms of Use and The Company Portal”

The Issue We recently had an issue where we tried to use the Conditional Access setting and only granting Terms of Use for an Android Device Enrollment. The Investigation What happens now is as described in our docs article Terms of use - Azure Active Directory | Microsoft Docs - The authenticator app installs... Why … Continue reading Intune – “Conditional Access, Terms of Use and The Company Portal”