Skip to main content
MEM v ENNBEE - Battles with Modern Endpoint Management

Nick Benton

I’m Nick Benton, an end-user computing specialist with over a decade of experience in consulting, architecture, design, and implementation of modern device management, and enterprise mobility solutions. I currently have the role of Principal Cloud Endpoint Consultant at Phoenix Software Ltd who were the Global Microsoft Partner of the Year for Modern Endpoint Management 2023, where my main focus is assisting customers in their road to a modern workplace cloud first approach, using Microsoft Intune, with a focus on migration, security and zero touch deployments.

I use this website as a platform to share content with the community, based on solutions I find, to problems encountered in real world scenarios.

Lower-Touch Defender for Endpoint Onboarding for Android Devices
Intune Android Microsoft Defender Security OEMConfig
Can we improve upon the onboarding of Android Enterprise devices to Defender for Endpoint and make users lives a little easier, and Security Teams hearts a little less restless having to rely on end users to implement their own security controls?
Risk Based Windows 11 Feature Update Deployment - Improvements
Intune Windows 10 and later Software Updates Feature Updates Dynamic Groups PowerShell Graph API Automation
An unexpected update to the Windows 11 Feature Update deployment series, looking at how to tag users instead of devices, and an improved way to get the readiness report data, and other performance improvements. What a day.
Forcing Windows 11 Feature Update Readiness Assessments
Intune Windows 10 and later Software Updates Feature Updates Remediation Scripts PowerShell Security
As a migration to Windows 11 is fast upon us, I thought I’d help your devices on their way into understanding whether they will support Windows 11 and what risks you may encounter with the update, by forcing devices to evaluate their readiness states.
Converting AppLocker Policies to Intune Profiles
Intune Windows 10 and later AppLocker Security PowerShell Custom Profiles Graph API Endpoint Security
We know that there is no native configuration for AppLocker in Intune, and we should be looking at App Control for Business already, but there is still a place for AppLocker, and I haven’t got time to manually do anything, so let’s use PowerShell to create out AppLocker policies from exported XML files.
Scheduling Defender for macOS Antivirus Scans in Intune
Intune macOS Configuration Custom Profiles PowerShell Security Jamf Endpoint Security Microsoft Defender
You’d think creating Defender antivirus scan schedules should be pretty easy, even if the devices you’re working with are running macOS. Why are we having to create mobileconfig files for this in Microsoft Intune? Surely we can make this a little better?
Self-Service Software Update Deployments
Intune Windows 10 and later macOS iOS/iPadOS Android Software Updates Dynamic Groups Security
Fancy letting your end users select what day of the week they get their device updates allowing them to be truly empowered but still ensure a level of device security, sure you do.
Installing the Configuration Manager Client on Orphaned Internet Devices
Intune Configuration Manager Windows 10 and later PowerShell Apps Co-management
You’ve just implemented a Cloud Management Gateway to help your hybrid joined Windows devices communicate to Configuration Manager over the internet, but what if they’re orphaned and unable to communicate to Configuration Manager to get the new Client Settings?
Patching Gaps in the CIS Windows 11 Benchmark - Level 2 Windows 11
Intune Windows 10 and later Security Center for Internet Security (CIS) Custom Profiles Settings Catalog Remediation Scripts PowerShell
This is the last part in the series around the CIS (Center for Internet Security) benchmark for Windows 11, and we’d like to say that we’ve saved the best post for last, but we’d be lying. Surely the Level 2 settings can’t be worse than the Level 1?
Automatically Setting an Out of Office Message with Power Automate
Power Automate Automation
I’m not sure what I’m doing playing around with Power Automate, but here we are. Like many people, I have a habit of forgetting to set an Out of Office message when I’m actually on holiday, or when I’m working with customers. Let’s see if we can make something do this for us.