Graph API
Risk Based Windows 11 Feature Update Deployment - Improvements
Intune
Windows 10 and later
Software Updates
Feature Updates
Dynamic Groups
PowerShell
Graph API
Automation
An unexpected update to the Windows 11 Feature Update deployment series, looking at how to tag users instead of devices, and an improved way to get the readiness report data, and other performance improvements. What a day.
Converting AppLocker Policies to Intune Profiles
Intune
Windows 10 and later
AppLocker
Security
PowerShell
Custom Profiles
Graph API
Endpoint Security
We know that there is no native configuration for AppLocker in Intune, and we should be looking at App Control for Business already, but there is still a place for AppLocker, and I haven’t got time to manually do anything, so let’s use PowerShell to create out AppLocker policies from exported XML files.
Risk Based Windows 11 Feature Update Deployment - Automation
Intune
Windows 10 and later
Software Updates
Feature Updates
Dynamic Groups
PowerShell
Graph API
Automation
The final part in this series looks at how to bring everything together under a single, repeatable script, allowing for the capture of readiness state, the tagging of devices to support the distribution of Windows 11 23H2.
Risk Based Windows 11 Feature Update Deployment - Feature Updates
Intune
Windows 10 and later
Software Updates
Feature Updates
Dynamic Groups
PowerShell
Graph API
Using the data captured from a Windows 11 Feature Update Readiness report to successfully tag device attributes to device objects, and group them based on risk, we now look at how to deploy Feature Updates to these devices in a controlled manner.
Risk Based Windows 11 Feature Update Deployment - Device Attributes
Intune
Windows 10 and later
Software Updates
Feature Updates
Dynamic Groups
PowerShell
Graph API
Automation
Having looked into capturing the Feature Update Readiness data for Windows 11 23H2 for our Windows devices, we can now use this risk based data to tag them with their associated risk, grouping them together to allow for sensible Feature Update profile assignment.
Risk Based Windows 11 Feature Update Deployment - Reporting
Intune
Windows 10 and later
Software Updates
Feature Updates
Dynamic Groups
PowerShell
Graph API
Automation
With Windows 10 support coming to an end sooner than you’d expect, in the first part of this series we look at ways to capture Feature Update Readiness Report data using PowerShell and Graph to help with the rollout of the new Windows 11 operating system.
Creating Reusable Groups of Firewall Settings for Microsoft Online Services
Intune
Windows 10 and later
Security
PowerShell
Graph API
Settings Catalog
Firewall
Automation
Endpoint Security
It’s time to remove another manual process, this time the creation of Microsoft 365 network endpoints for Windows Firewall Rules in Microsoft Intune, because nobody should be creating these manually.
Using Entra ID Device Attributes for Conditional Access Exceptions
Intune
PowerShell
Graph API
Security
Conditional Access
Automation
So you like Intune Device Compliance and the integration with Conditional Access, what about if you’ve got VDI or Remote Desktop infrastructure that you want to exclude from specific policies, how do you go about that in a safe and controlled way.
Modernising Microsoft Intune Firewall Rule Policies
Intune
Windows 10 and later
PowerShell
Graph API
Settings Catalog
Security
Firewall
Automation
Endpoint Security
If you’ve ever experienced the joys of migrating Group Policy and in particular Windows Defender Firewall rules away from Group Policy to Microsoft Intune, you’ve probably encountered the Rule Migration Tool, and for now this tool has worked well. So what’s the catch?