Skip to main content
MEM v ENNBEE - Battles with Modern Endpoint Management

Nick Benton

I’m Nick Benton (ennbee), an end-user computing specialist with over a decade of experience in consulting, architecture, design, and implementation of modern device management, and enterprise mobility solutions. I currently have the role of Principal Cloud Endpoint Consultant at Phoenix Software Ltd who are the Global Microsoft Partner of the Year for Modern Endpoint Management 2023, where my main focus is assisting customers in their road to a modern workplace cloud first approach, using Microsoft Intune, with a focus on migration, security and zero touch deployments.

I use this website as a platform to share content with the community, based on solutions I find, to problems encountered in real world scenarios.

Software Update Deployment Rings for Managed macOS Devices
Intune macOS Software Updates Dynamic Groups Security National Cyber Security Centre (NCSC)
So you’ve pulled the trigger on managing macOS devices in Microsoft Intune, and with this year being the year of macOS for Microsoft (this seems like an oxymoron), you should probably look at how to handle software updates.
Risk Based Windows 11 Feature Update Deployment - Reporting
Intune Windows 10 and later Software Updates Feature Updates Dynamic Groups PowerShell Graph API Automation
With Windows 10 support coming to an end sooner than you’d expect, in the first part of this series we look at ways to capture Feature Update Readiness Report data using PowerShell and Graph to help with the rollout of the new Windows 11 operating system.
Remediating BitLocker DMA Exception Errors with Microsoft Intune
Intune Windows 10 and later BitLocker PowerShell Security Direct Memory Access
So you’ve configured BitLocker encryption in Microsoft Intune, but some of your devices are failing to encrypt complaining about a DMA exception issue as part of Automatic Encryption. How can we fix that without creating a gaping security hole?
Creating Reusable Groups of Firewall Settings for Microsoft Online Services
Intune Windows 10 and later Security PowerShell Graph API Settings Catalog Firewall Automation Endpoint Security
It’s time to remove another manual process, this time the creation of Microsoft 365 network endpoints for Windows Firewall Rules in Microsoft Intune, because nobody should be creating these manually.
A Flexible Approach to Microsoft Update Deployments
Intune Windows 10 and later Software Updates Dynamic Groups Security National Cyber Security Centre (NCSC)
It’s been a while since we’ve looked at deploying Microsoft and Windows Updates using Microsoft Intune, this time we look at different ways to phase our deployments across a device estate.
Custom Backgrounds for macOS New and Classic Microsoft Teams Apps
Intune macOS Microsoft Teams Apps Shell Script
With the availability of the new Microsoft Teams client for macOS, we should build upon an existing script to deploy backgrounds, and update it to support not just the new version but the classic version as well.
Keeping Windows Store Apps Updated with Microsoft Intune
Intune Windows 10 and later Software Updates Remediation Scripts Apps PowerShell Windows Autopilot Security
Now we all love the new Windows Store, especially for deploying applications from Microsoft Intune, but we should find a way to keep these UWP applications up to date without additional license cost.
Automatically Resizing the WinRE Partition for Windows Update KB5034441
Intune Windows 10 and later Software Updates PowerShell Remediation Scripts BitLocker Endpoint Security Security
When Microsoft releases an update that won’t install due to the size of a Recovery partition, what do you do? Follow the manual steps provided by Microsoft or blindly follow a script created by a stranger on the internet?
Using Entra ID Device Attributes for Conditional Access Exceptions
Intune PowerShell Graph API Security Conditional Access Automation
So you like Intune Device Compliance and the integration with Conditional Access, what about if you’ve got VDI or Remote Desktop infrastructure that you want to exclude from specific policies, how do you go about that in a safe and controlled way.