Intune: Grouping based on Hardware Inventory data

It's been couple of years since I blogged a post. In the meantime, I moved to Intune Product Group as a Product Manager and now I'm a member of Grouping and Targeting team. One of the top blocker in grouping and targeting space is the lack of ability to group the managed devices based on … Continue reading Intune: Grouping based on Hardware Inventory data

Code as Code – Managing Azure Automation with Terraform

Introduction Azure Automation is a robust tool that provides administrators with the ability to execute tasks either on Azure or on-premises (through a hybrid worker). If you're familiar with Azure Automation, you've likely configured a lot of settings, including runbooks, schedules, RBAC permissions, variables and PowerShell modules. In certain organizations, these configurations can amount to … Continue reading Code as Code – Managing Azure Automation with Terraform

Azure AD PowerShell to Microsoft Graph PowerShell

Overview: You might have heard about AzureAD PowerShell module deprecation. So, in this article we will summarize the migration between Azure AD PowerShell to Microsoft Graph PowerShell and will provide you with all the relevant info and links in one place, to get you up and running with the new MS Graph Module. The best … Continue reading Azure AD PowerShell to Microsoft Graph PowerShell

Permanently delete objects from the Active Directory Recycle Bin

With the Active Directory Recycle Bin enabled, deleted Active Directory objects can be easily recovered. The deleted items can be recovered for as long as the Active Directory tombstone lifetime. Based on default configuration this should be 180 days. I recently received a request from a customer to know how they can permanently delete user … Continue reading Permanently delete objects from the Active Directory Recycle Bin

How to Import One or Multiple Analytics Rules into Microsoft Sentinel

There are a few PowerShell options out there (including the official module) to help automate content and collateral deployment to your Microsoft Sentinel workspace. But the one from Jan Geisbauer is highly recommended. Jan's original blog post announcement about this new module is here: Alertrule from github to Azure sentinel | (emptydc.com) The PowerShell module … Continue reading How to Import One or Multiple Analytics Rules into Microsoft Sentinel

Schedule a Reboot for Manual installation of Windows 10 Feature Updates

With the various methods of deploying Windows 10 Feature Updates, the Feature Update Rollouts via Application Deployment does not provide restart notifications to the user and as such the device will automatically reboot if the “/noreboot” switch is not added to your batch file or if the switch is added the reboot will not happen … Continue reading Schedule a Reboot for Manual installation of Windows 10 Feature Updates

Using PowerShell to create Windows 10 Custom Device Policy from the output of Endpoint Manager Group Policy Analytics

In 2020 Microsoft released the Endpoint Manager Group Policy Analytics (still in Preview). This can be very useful to determine your level of modern management support. At this point Group Policy analytics only provides you with the MDM Supported values in CSP mappings and do not provide any further options to create the policies. As … Continue reading Using PowerShell to create Windows 10 Custom Device Policy from the output of Endpoint Manager Group Policy Analytics

Field Notes: Active Directory tombstone lifetime

The days of updating the default tombstone lifetime for Active Directory may be long forgotten, but if your Active Directory Forest has been running since Windows Server 2000/2003 and you have never verified the tombstone lifetime, it may be worthwhile to do so. As I have found first-hand with my customer, there are some deployments out there that may still be using a tombstone lifetime of 60 days. Expecting a value of 180 days and realizing too late that this is not the case may cause unnecessary complications in the future.

Azure Sentinel PowerShell Module Hits GA at Version 1.0.0

Some of you may remember, but during the Christmas/NYE season last year (2020), an official PowerShell module for Azure Sentinel saw the light of day. Just a few hours ago, this module finally hit 1.0.0, hence its been released for General Availability. How cool is that?? Download it from here: PowerShell Gallery | Az.SecurityInsights 1.0.0 … Continue reading Azure Sentinel PowerShell Module Hits GA at Version 1.0.0

How I install Microsoft Code

I automate most of my application installs so I can easily install on Windows Virtual Desktop (WVD), Virtual Desktop Infrastructure (VDI), or individual Azure Virtual machines. The code downloads the latest Microsoft Code build and installs the version with minimal PowerShell specific customizations (that I have discovered so far). This script can be executed from … Continue reading How I install Microsoft Code