Skip to main content

Windows 10 and later

Self-Service Software Update Deployments
· loading
Microsoft Intune Windows 10 and later macOS iOS/iPadOS Android Software Updates Dynamic Groups Security
Fancy letting your end users select what day of the week they get their device updates allowing them to be truly empowered but still ensure a level of device security, sure you do.
Installing the Configuration Manager Client on Orphaned Internet Devices
· loading
Microsoft Intune Microsoft Configuration Manager Windows 10 and later PowerShell Apps Co-management
You’ve just implemented a Cloud Management Gateway to help your hybrid joined Windows devices communicate to Configuration Manager over the internet, but what if they’re orphaned and unable to communicate to Configuration Manager to get the new Client Settings?
Patching Gaps in the CIS Windows 11 Benchmark - Level 2 Windows 11
· loading
Microsoft Intune Windows 10 and later Security Center for Internet Security (CIS) Custom Profiles Settings Catalog Remediation Scripts PowerShell
This is the last part in the series around the CIS (Center for Internet Security) benchmark for Windows 11, and we’d like to say that we’ve saved the best post for last, but we’d be lying. Surely the Level 2 settings can’t be worse than the Level 1?
Microsoft Intune and the Curious Case of the Converting Firewall Rule Policy
· loading
Microsoft Intune Windows 10 and later Settings Catalog Security Firewall Endpoint Security PowerShell
When did Microsoft go all covert ops (maybe don’t answer that question) and start making changes to your very own Firewall Rule policies in Microsoft Intune without letting anyone know? Or did they?
Patching Gaps in the CIS Windows 11 Benchmark - Level 1 Windows 11
· loading
Microsoft Intune Windows 10 and later Security Center for Internet Security (CIS) Endpoint Security Remediation Scripts PowerShell Settings Catalog Custom Profiles
The impact of the CIS settings on BitLocker and Windows Autopilot now done and dusted, we should broaden our horizons and start to look at what other problems the CIS level 1 benchmark brings to Windows 11 as a whole. Are there any? Will it be smooth sailing? Yeah, no.
Renaming Windows Autopilot v2 Devices
· loading
Microsoft Intune Windows 10 and later Windows Autopilot Windows Autopilot Device Preparation Custom Profiles
So Microsoft released Windows Autopilot Device Preparation, or more commonly known as APv2, into General Availability a little while ago. So with this production release we should be able to name our corporate owned Windows devices right Microsoft? Right?
Patching Gaps in the CIS Windows 11 Benchmark - Level 1 Windows Autopilot
· loading
Microsoft Intune Windows 10 and later Security Center for Internet Security (CIS) Windows Autopilot Windows Hello Settings Catalog PowerShell
With the CIS BitLocker and associated DMA settings reviewed and updated, now is time to delve into the Windows 11 specific settings that exist in the CIS Level 1 benchmark. What issues do they bring to Windows Autopilot, what solutions can we find? Honestly, who knows.
Patching Gaps in the CIS Windows 11 Benchmark - BitLocker
· loading
Microsoft Intune Windows 10 and later Security Center for Internet Security (CIS) Custom Profiles BitLocker Direct Memory Access Settings Catalog
Everyone loves a security benchmark, and with the imminent move to Windows 11 for everyone, the Center for Internet Security released version 3.0.1 of theirs, including a build kit for Microsoft Intune, but what does this build kit break for BitLocker encryption?
Risk Based Windows 11 Feature Update Deployment - Automation
· loading
Microsoft Intune Windows 10 and later Software Updates Dynamic Groups PowerShell Graph API Automation
The final part in this series looks at how to bring everything together under a single, repeatable script, allowing for the capture of readiness state, the tagging of devices to support the distribution of Windows 11 23H2.