Intune DeviceType Reference for Azure Sentinel KQL

As you start to connect your Intune/Endpoint Manager logs to Azure Sentinel, you may see right away that there's a DeviceType column exposed that looks valuable but the results show ID numbers instead of just device names. This DeviceType column is directly related to the DeviceTypeID for Intune device entities. As an example, the following … Continue reading Intune DeviceType Reference for Azure Sentinel KQL

Digging Deeper into Intune and Azure Sentinel

Last week I finally found some time to start digging into managing security for Intune-enrolled devices with Azure Sentinel. Obviously, the first thing that had to be done was to connect Intune data to Azure Sentinel. Read about how to do that here: Connecting Intune to Azure Sentinel. The next step was to ensure that … Continue reading Digging Deeper into Intune and Azure Sentinel

Intune: Export Policies for Comparison

Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS), deeply involved in a current project to configure Intune for a customer's use. As with many of your customers, mine found themselves in a situation where they needed to get a secure 'remote' working solution in place quickly due to the COVID-19 … Continue reading Intune: Export Policies for Comparison

Intune – “Steps for Windows 10 Automated MDM Enrollment into Microsoft Intune”

Business Case I recently had a scenario at a customer where we needed to very quickly enroll machines into Intune but in an automated way without user intervention. After a few days of testing and troubleshooting please find my tips below. In the current scenario Co-Management has already been set up in MEMCM. This is … Continue reading Intune – “Steps for Windows 10 Automated MDM Enrollment into Microsoft Intune”

Microsoft Endpoint Manager- Intune – Working with Certificates

Howdy all - Steven Rachui here. For this post the topic will be certificates! Microsoft Intune provides several means by which certificates can be deployed to devices. With the array of options available it may be confusing know which one should be used in a given scenario. The video linked below dives deeply into each … Continue reading Microsoft Endpoint Manager- Intune – Working with Certificates

Convert all targeted devices to Autopilot

In this blog I will look at how to convert an existing corporate device to Autopilot. Configuration Ensure you have an AD/AAD group that contains the existing corporate devices that you would like to target for Autopilot conversion. Open the Azure portal and navigate to Microsoft Intune > Device enrollment > Windows enrollment On the … Continue reading Convert all targeted devices to Autopilot

Intune Device Management – Removing Local Admins in Windows 10 Devices

Following up to the post on renaming windows 10 devices that are managed by Intune, another frequent requirement is remove the local user accounts from Administrators group. The AAD user account will be provisioned as Standard User and hence removing the local user accounts from Admin group is critical to secure the device from unauthorized … Continue reading Intune Device Management – Removing Local Admins in Windows 10 Devices

Intune Device Management – Renaming Windows 10 Devices

I have come across customers who auto enroll Azure AD domain joined Windows 10 devices in Intune and use the device management capabilities like enforcing compliance polices, configuring certificates, Wi-Fi, VPN, Endpoint and other profiles. These devices are remotely used, and IT team does not have much control. Most frequent ask is to rename the … Continue reading Intune Device Management – Renaming Windows 10 Devices