Category: Intune

extensionAttributes – add values via Powershell + CSV file

It is common to have one or multiple extensionAttributes in an Azure AD environment for use with Intune for example. These extensionAttributes can be handled in a couple of different ways when it comes to managing the values set for each of those. For simplicity I’ve created a Powershell script that can add values to…



Microsoft Defender ATP for Mac now available in Public Preview

Yesterday Microsoft released Microsoft Defender ATP for Mac in public preview and are now available for download and installation though the Microsoft Defender Security Center. In the onboarding section in Microsoft Defender Security Center, if you have preview features selected, you will see how to onboard macOS machines. You will have the option to download…



Add you own local admin users on Azure AD devices

Do you have issues when trying to add an account as local admin on your Azure AD Joined device? Maybe you have specific requirements regarding which accounts should be admins on your client machines and the Azure AD solution (additional local administrators on Azure AD joined devices) is not enough to satisfy your needs. There…



Deploy separate Intune workloads to different collections (Co-management)

I was looking for a way to be able to deploy a Co-management policy with only Windows Update policies workload to a specific collection. This in order to transition a smaller amount of computers (who are not a member of the already existing Pilot group) to be controlled via Intune instead. In the Configuration Management…



Move Software Updates to Intune with Co-management

To move on with the transition towards Modern Management we can use Co-management in SCCM to decide where settings are coming from. In this specific scenario we will do a switch from Software Updates via SCCM to Intune controlled Software Updates for one test client. I will show you the following steps. How to setup…



Intune – Administrative Templates (Preview) are here

Microsoft has now released their Administrative Templates (Preview) for Intune which makes it a lot more simple to use settings like controlling a OneDrive setup, changing Office settings or configure Internet Explorer. So where do you find this new functionality? Login to the Intune Management PortalGo to Device Configuration > Profiles > Create profileName: Enter…



Device cleanup rules for Microsoft Intune

As an IT Administrator you want to keep your IT environment clean and tidy and the same goes for Microsoft Intune. By default all devices that has been inactive or stale and hasn’t checked in for over 270 days will automatically been removed from the console. In the latest update for Microsoft Intune dated July…



App Protection Policies for managed and unmanaged devices in Intune

In the latest update of Microsoft Intune, you now have the option to target App protection policies for Mobile apps if the device is Intune managed or if its unmanaged. The two options that for now is available, if you select not to target all app types are: Apps on unmanaged devices Unmanaged devices are…



Block external access for Service Accounts using Conditional Access in Azure AD

Conditional Access in Azure Active Directory is normally used for users and administrators to secure and control company data in Office 365 and Azure, but what about Service Accounts? Aren’t they a potential security risk? Using Service Accounts for scripts and other tasks related to Office 365, Azure and Azure AD is a normal practice…