In my last blog post, I showed you how to use Detection scripts in Intune. In this blog post, I will show you how the additional requirement rules work and how you can use PowerShell for those.
When I deploy Win32 packages in Intune, I use PowerShell detection scripts to detect if the software is installed on a system. In the blog post, I will show you how they work and why they are more flexible than file and registry checks. Table Of ContentsshowWhat are detection scripts in Intune?How do detection scripts … Continue reading Microsoft Intune PowerShell Detection scripts
One of the best things about Microsoft Intune is Windows Autopilot. In this blog post, I will show you how to create a report of the current status of Windows Autopilot in your tenant.
I used Microsoft Graph X-Ray as a tool for getting the PowerShell cmdlets needed for scripting specific actions in the Azure / Entra ID portal in the past. But you can also use it for Intune 🙂 In this blog post, I will show you how this works.
One of our customers wanted to know per device which the real Primary User was and the user logon date of every user that used that device. (They have some shared devices.) In this blog post, I will show you how to retrieve that information from Intune and export it.
This week the annual Dutch Experts Live meeting was there again in Den Bosch, I was there together with some of my colleagues from NEXXT, and this is my impression of the event 🙂
Microsoft Defender has security recommendations for the "Fix unquoted service path for Windows services.” (CVE-2013-1609, CVE-2014-0759, CVE-2014-5455) These might be reported for things like Dell services, and you can fix them manually by editing the Registry on the affected device. But... There is an easier way 🙂 This blog post will show you how to create a Proactive Remediation in Intune for it.
One of our customers wanted to be sure that there were no additional accounts in the local Administrators group on their Intune devices, and... That's where Custom Compliance policies come in 🙂 In this blog post, I will show you how to automatically check the Administrators group and mark the device as non-compliant if needed.
Testing things is always essential, and Windows has a nice built-in Feature for that which is called Windows Sandbox. You can look at this as a throwaway Windows VM, you start and use it, and afterward, there's no trace of it anymore, making it ideal for testing! In this blog post, I will show you how to test PowerShell scripts and Intune packages in Windows Sandbox.
It's just a beautiful Friday 13th, due to a Windows Defender update that removed shortcuts from many machines with Attack Surface Reduction enabled for Macros. (Work-around "Setdefender ASR rule 92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b to audit only unit issue is resolved.") This blog post describes how you can recreate the missing shortcuts and deploy this using Intune or run it manually on the affected system(s).