Proactive Remediations What? Why? How?

So, Proactive Remediations What? Why? How? My insight into Proactive Remediations. I didn’t have time yet to check out the “Proactive Remediations” feature. I see a lot of solutions with Proactive Remediations but they only show the solution. Don’t get me wrong, I have seen some awesome stuff built. I hope to give you some … Read more

Intune Devices Report via Graph and Teams

This blog is about a request from a project manager. He wanted to be automatically updated about the new intune devices enrolled. So, I decided to build an Intune devices report via Graph and update it weekly in a Microsoft Teams channel post. Prerequisites I am not really a Power Automate/Logic App guy (I know … Read more

Assign Store Applications in Intune via Powershell

I meant to write this blog a long time ago. I always wanted to deep-dive into Intune to assign Microsoft Store Applications via Powershell. We all struggled with the Microsoft Store applications and assigning them “one by one” through the portal. Even though (almost) every assignment was the same: “Unassign for All Users/All Devices”. Of … Read more

Gather Hardware Hash and receive via Mail

I wrote a script to gather the Windows 10 AutoPilot hardware hash and receive this via e-mail. The current user’s Outlook profile sends the e-mail. The e-mail is available in sent items if you want to view it later. Prerequisites The user is local admin on the device where you want to gather the Windows … Read more

Add exclusion in Attack Surface Reduction – Microsoft Defender for Endpoint

Lately, I am playing around with Microsoft Defender for Endpoint and how to add an exclusion in Attack Surface Reduction. Let’s first walk through the situation at hand. I am building a new Microsoft Endpoint Manager solution for a customer of mine and they use a custom-made signature module (Signature365/Innovative365). This custom module didn’t work … Read more

Elevate Administrative Tools menu for Endpoint

This PowerShell tool helps ServiceDesk employees to do their work. This script creates a menu where you can pick Administrative Tools to elevate on your endpoint. Why do you need this? In a previous blog post, I explained how you can create an elevated PowerShell session on Endpoint Managed device. I got feedback from ServiceDesk … Read more

Intune Backup to Storage Account Pt.3 – The Notification

This post is about creating an Intune backup to a storage account Pt.3. You could use this to create a daily backup or even more frequent. The clarify the above. I created a script that creates a backup from your Intune environment and uploads it to a storage account. The last step is to send … Read more

Intune Backup to Storage Account Pt.2 – The Automation Account

This post is about creating an Intune backup to a storage account Pt.2. You could use this to create a daily backup or even more frequent. The clarify the above. I created a script that creates a backup from your Intune environment and uploads it to a storage account. This part is about running the … Read more

Intune Backup to Storage Account Pt.1 – The Script

This post is about creating an Intune backup to a storage account. You could use this to create a daily backup or even more frequent. The clarify the above. I created a script that creates a backup from your Intune environment and uploads it to a storage account. I got a couple of requests to … Read more

Import Intune Backup and Assign Group

if you import an Intune Backup via the Powershell Module (IntuneBackupAndRestore), it does not assign a group automatically. There is no option in that module. This blog features a script that assigns a group automatically to all imported profiles. The script assigns the following policies: Configuration Policies Administrative Templates Windows Update Policies Compliance Policies Powershell … Read more