Remediations on demand is an extremely powerful tool for managing our Intune managed devices. One of the biggest differences compared to how we managed Windows Devices on premises was that we could always connect to them using WinRm for example and solve problems.In the Zero-trust world there is no such possibility, many are working from…
Customizing Taskbar and Start in Windows 11 23h2 with PowerShell
Updated script (about time! many requests and comments) that customizes the Taskbar by adding removal of the copilot icon on the Taskbar and fixing removal of search which I got a lot of comments about that it stopped working. The original article can be found here: https://ccmexec.com/2022/10/customizing-taskbar-and-start-in-windows-11-22h2-with-powershell/ Search is also fixed but had to be…
Copilot in Edge Sidebar and access to current webpage
This has been a discussion point for a couple of weeks now at least in Sweden and EU and it is time to write a short post on the topic. I see many organizations disabling both Copilot and the Edge Sidebar which can be used to access Copilot. Which is always sad in some perspective…
MMUGSE meetup 31/5
Time for the MMUGSE Event 5/31! This time it will be a virtual event, we are working on arranging a physical meeting in the fall. This time we have the great pleasure of listening to Nickolaj Andersen, Ola Ström and Simon Binder! Agenda:8:30 Welcome / State of management – Jörgen Nilsson & Stefan Schörling9:00 Windows…
Configuring Dell BIOS using built-in support in Intune
With the April Intune release a new feature was released that makes it possible to configure Dell BIOS by deploying a CCTK file using Intune. Intune also has the built-in capability to create a unique BIOS password for each Dell computer and store it in Intune, like LAPS for BIOS passwords. This new policy is…
Intune Custom Compliance – check that Credential Guard is running
Custom compliance policies have been around for a long time, and it is a really great feature. I have argued many times that we should not block users from working when they cannot make the device compliant themselves. But with more and more tasks being added on top of managing devices, being proactive is something…
Managing shared devices and app deployment in Intune
Shared devices in Intune is something that pop-ups in every project where we move to Intune and Entra Joined devices. When using Intune and available user apps it is enforced by the Company Portal app if you are allowed to install an available app or not based on Primary user of the device. In some…
Enable RDP Access Only to the Enrolled by User in Windows Using Intune
Got this request based on the PowerShell script I wrote on how to make the “enrolled by” user in Intune member of the local admin group, but instead add the user to the Remote Desktop Users group. Which is really easy to change, but to get this to work in a good way we also…