This week the annual Dutch Experts Live meeting was there again in Den Bosch, I was there together with some of my colleagues from NEXXT, and this is my impression of the event 🙂
Intune
Intune Proactive Remediation for “Microsoft Windows Unquoted Service Path” / CVE-2013-1609, CVE-2014-0759, CVE-2014-5455
Microsoft Defender has security recommendations for the "Fix unquoted service path for Windows services.” (CVE-2013-1609, CVE-2014-0759, CVE-2014-5455) These might be reported for things like Dell services, and you can fix them manually by editing the Registry on the affected device. But... There is an easier way 🙂 This blog post will show you how to create a Proactive Remediation in Intune for it.
Custom Compliance PowerShell script for detecting additional local Administrators
One of our customers wanted to be sure that there were no additional accounts in the local Administrators group on their Intune devices, and... That's where Custom Compliance policies come in 🙂 In this blog post, I will show you how to automatically check the Administrators group and mark the device as non-compliant if needed.
Using Run-in-Sandbox for testing scripts and Intune packages
Testing things is always essential, and Windows has a nice built-in Feature for that which is called Windows Sandbox. You can look at this as a throwaway Windows VM, you start and use it, and afterward, there's no trace of it anymore, making it ideal for testing! In this blog post, I will show you how to test PowerShell scripts and Intune packages in Windows Sandbox.
Recreate Desktop and Start Menu shortcuts #ASRmageddon
It's just a beautiful Friday 13th due to a Windows Defender update that removed shortcuts from many machines with Attack Surface Reduction enabled for Macros. (Work-around "Setdefender ASR rule 92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b to audit only unit issue is resolved.") This blog post describes how you can recreate the missing shortcuts and deploy this using Intune or run it manually on the affected system(s).
Adding printer drivers and printers using Microsoft Intune and PowerShell
This year I wrote two blog posts about adding printer drivers and printers to Intune clients. Recently I repackaged these two into one package with some improvements. In this blog post, I will show how it looks now 🙂
Read IntuneManagementExtension logs using PowerShell
You have to read logs, but the Intune logs are difficult without tools like CMTrace on the user's device. (The formatting is not that nice without it) In this blog post, I will show you an easy way to read one or two specific logs, or all the logs at once, and each in its Out-Gridview console for easy filtering when searching for keywords.
Using PowerShell scripts in Endpoint Manager Compliance Policies
I wrote a blog post about where you could use PowerShell scripts in Endpoint Manager here, but I didn't mention the possibility of using it in Compliance Policies. In this blog post, I will 🙂
Deploy a Hyper-V VM and register it for Autopilot automatically using PowerShell
I need a VM connected to the customer's tenant for Endpoint Manager testing. This involves deploying a Windows 10 or 11 VM, changing hardware settings (Secure Boot/TPM/Checkpoint settings), and registering it for Autopilot. This blog post will show you how to automate the process as much as possible.
Upload Windows Autopilot hardware hash easily
Retrieving the hardware hash for a new laptop or VM involves a few steps. Starting PowerShell, configuring the execution policy, installing the get-windowsautopilot script, answering a few prompts, and entering your credentials to upload it to your environment. In this blog post, I will show you how to minimize the number of steps needed.