In Configuration Manager we always had log files for everything, extremely useful when troubleshooting. In Intune we have the event log and the MDMDiagnosticsTool which is our best friends. Win32app and PowerShell Scripts deployed are installed using the Intune Management Extension and for that we do have log files where we can track/troubleshoot application deployment.
I wrote a post on how to roam Google Chrome settings using UE-V a while back making Chrome a great experience as we can roam bookmarks, settings, and more to a single file, “Profile.pb”. Note: enabling Roaming profile support removes the possibility to sync with the Google Cloud using a Google account.https://ccmexec.com/2018/09/using-google-chrome-roaming-profile-settings-with-ue-v/ Now time has
Quick assist is a built-in remote control app in Windows 10 intended for home and personal use, that is at least my opinion. Many don’t even know that it exists and for an enterprise we really need to manage it = remove it or block it. I wrote a blog post about it here at
One of the biggest challenges and discussion points when it comes to removing the local admin permissions from users is that they cannot add multi-function printers without admin permissions as they need to install additional software to work. I bought a new OfficeJet printer the other day and was happily surprised that the HP Smart
I wrote a blogpost on how to make CMTrace which is included in the SCCM client nowadays using a PowerShell script. I got a question basically instantly if that could not be used for Intune managed clients without the SCCM client. Yes! it can, we only need to add a line to copy CMTrace.exe to
One of the biggest limitations in Microsoft Intune has been that we can only deploy single-file .MSI’s and not .EXE installers. With the release of Win32app install support (in Preview) that limitation is now gone! Not only does it support legacy setups like .exe files for instance we can also use it for advanced .MSI
Google Chrome has a great set of Group Policy settings we can configure which makes it possible for us to even use Chrome in environments with high-security requirements, and we can also do this with Intune as it supports ADMX ingestion and ADMX backed policies! Starting with Google Chrome version 69 and later it supports
One of the most common requests I get when deploying Intune is that they want to deploy for instance a Certificate, VPN, WiFi or a specific app only to corporate owned devices and not personal(BYOD) devices. We have Dynamic groups in AzureAD that can solve this for us, however when I looked at the documentation