Menu
CCMEXEC.COM – Enterprise Mobility
  • Home
  • General
  • Configuration Manager
  • Windows 10
  • Windows 11
  • Intune
  • GitHub
  • About
CCMEXEC.COM – Enterprise Mobility

Category: Windows 11

New settings in Intune Security Baseline Windows 11 24H2 -2504

Posted on May 19, 2025May 19, 2025 by Jörgen Nilsson

In service release 2504 of Intune new settings is added to the Windows 11 24H2 Security Baseline. However, they are not released as a new version of the baseline but added when you either create a new policy or edit an existing policy. In this post we will look at the experience upgrading and adding…

+

Managing extensions in Visual Studio Code

Posted on February 13, 2025February 14, 2025 by Jörgen Nilsson

Managing extensions in Visual Studio code is supported since version 1.96 (November 2024) and is a very welcome addition. We can block extensions, allow extensions or control exactly which version of an extension that is allowed and more. ADMX/ADML files are now included in the setup files for Visual Studio code.I will not use them…

+

Administrator protection in Windows 11 – First look

Posted on December 10, 2024December 10, 2024 by Jörgen Nilsson

Administrator Protection in Windows 11 was announced at Ignite a couple of weeks ago which adds a well needed more secure option than UAC to protect our accounts with Local Administrator permissions. Administrator Protection reminds a bit on how Microsoft Endpoint Privilege Management works with a separate virtual account. Instead of the traditional UAC elevation…

+

Customizing Taskbar and Start in Windows 11 23h2 with PowerShell

Posted on August 20, 2024August 20, 2024 by Jörgen Nilsson

Updated script (about time! many requests and comments) that customizes the Taskbar by adding removal of the copilot icon on the Taskbar and fixing removal of search which I got a lot of comments about that it stopped working. The original article can be found here: https://ccmexec.com/2022/10/customizing-taskbar-and-start-in-windows-11-22h2-with-powershell/ Search is also fixed but had to be…

+

Intune Custom Compliance – check that Credential Guard is running

Posted on March 26, 2024March 26, 2024 by Jörgen Nilsson

Custom compliance policies have been around for a long time, and it is a really great feature. I have argued many times that we should not block users from working when they cannot make the device compliant themselves. But with more and more tasks being added on top of managing devices, being proactive is something…

+

PowerShell script to keep Personal Teams away in Windows 11

Posted on September 13, 2023September 15, 2023 by Jörgen Nilsson

Finally time to blog during these busy times, removing Personal Teams in Windows 11 by setting the ConfigureChatAutoInstall registry value to prevent from installing. The challenge is that the permissions on that registry key, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Communications is set to TrustedInstaller so it is hard to create the necessary value. There are solutions out there that uses…

+

Windows 11 Multi-App kiosk – a first look

Posted on July 6, 2023March 28, 2024 by Jörgen Nilsson

Windows 11 Multi-app kiosk is finally here, when writing this it is not released in the cumulative update for Windows 11 22H2 yet. And because of that it is not possible to configure it through Intune or Provisioning packages just yet when I am writing this. More information: Set up a multi-app kiosk on Windows…

+

PS Script to Update Boot images with CU-CVE-2023-24932

Posted on May 10, 2023August 20, 2024 by Jörgen Nilsson

This will be a short post on how to update WinPE boot images with a Cumulative Update as we need to do that now with the release of May 2023 Cumulative Update to address CVE-2023-24932. Spent all day with colleagues to try to test what happens to OS deployment (and AutoPilot) when deploying the mitigation…

+
  • 1
  • 2
  • 3
  • Next

My name is Jörgen Nilsson and I work as a Senior Consultant at Onevinn in Malmö, Sweden. This is my blog where I will share tips and stuff for my own and everyone elses use on Enterprise Mobility and Windows related topics.
All code is provided "AS-IS" with no warranties.

Recent Posts

  • New settings in Intune Security Baseline Windows 11 24H2 -2504
  • Managing extensions in Visual Studio Code
  • Reinstall a required Win32app using remediation on demand
  • Administrator protection in Windows 11 – First look
  • Remediation on demand script – ResetWindowsUpdate
©2025 CCMEXEC.COM – Enterprise Mobility | WordPress Theme by Superb Themes
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT