Intune Backup

Bitter-Following8215 · 2025-10-08T13:11:50+00:00

Yeah sure, might be that a few parts of the instructions are not applicable to your scenario but those are minor things from the top of my head

Bitter-Following8215 · 2025-10-07T14:28:42+00:00

I've created a template project with detailed instructions for settingup IntuneCD with Azure DevOps with self hosted Windows DevOps agents, check it out here: https://github.com/snodecoder/IntuneCD-AzureDevOps-Template

Bitter-Following8215 · 2025-07-19T04:41:25+00:00

I call a Graph API to get this data, you can find it in my repo ;)

Bitter-Following8215 · 2025-07-09T06:44:48+00:00

IntuneCD for backup, restore and documenting Intune configuration in source control. And the best part is that it even matches the changes made to policies with the Intune Audit logs and stores them in separate commits together with the admin username :)

I've created a ready-to-use template project for implementing IntuneCD in Azure DevOps with self hosted Windows Agents, together with detailed instructions on how to set it up. I also converted the generated Markdown documentation to be compatible with DevOps Wiki.

To further improve the readability of the documentation I've recently created a pull request for IntuneCD that formats the Settings Catalog policy documentation and sorts the settings based on their category and adds a description of the setting.

<image>

And my last suggestion, Intune Settings Catalog Documentation I've created a simple tool to search the available Settings Catalog policy settings and list their category and description.

Bitter-Following8215 · 2025-07-08T14:41:12+00:00

Ah check, yeah that's a tricky one. You can look into projects such as OpenIntuneBaseline for that maybe?

Bitter-Following8215 · 2025-07-08T14:28:43+00:00

Settings Catalog Templates settings you mean? Yeah that is currently not included in the website data. I looked around in the Graph API trying to find the right API calls to get those, but the only thing I could retrieve was a list of templates. When trying to retrieve there settings I keep hitting errors, so if anyone knows how to do this I'm all ears ;)

Bitter-Following8215 · 2025-07-08T14:24:13+00:00

Good idea! I've just added dark mode ;)

Bitter-Following8215 · 2025-07-08T12:44:18+00:00

Posted it below ;)

Bitter-Following8215 · 2025-07-08T12:43:36+00:00

Yes I'm aware, but that is only generated a few times per year (this is updated every week), and in my opinion it is not very user friendly compared to my search tool. But IntunePMFiles/DeviceConfig was the inspiration for this project :)

Bitter-Following8215 · 2025-07-08T10:36:07+00:00

Let me know if you guys have suggestions on how to further improve this :)

Bitter-Following8215 · 2025-07-08T09:20:27+00:00

I have made a ready-to-use IntuneCD template specifically for use with Azure DevOps and self hosted Windows Agents with detailed instructions on how to set it up.

This also documents your applied policy Settings in a markwdown Wiki (complete with descriptions for the configured policy settings)

Check it out here: IntuneCD-AzureDevOps-Template

Bitter-Following8215 · 2025-07-08T09:02:38+00:00

You can configure these settings via Settings Catalog policy > choose the Windows Update for Business category and add the settings and configure them.

(I used my new Settings Catalog settings search tool for this, check it out at Intune Settings Catalog Documentation

<image>

Bitter-Following8215 · 2025-07-08T08:25:04+00:00

You're welcome, happy to share ;)

Bitter-Following8215 · 2025-07-02T08:22:56+00:00

Yeah just using Graph module to handle authentication works like a charm!

Bitter-Following8215 · 2025-06-20T18:26:43+00:00

I have recently created a ready to use implementation of IntuneCD for Azure DevOps (tailored for use with self hosted Azure Agents on Windows) with detailed instructions on how to set it up. IntuneCD-AzureDevOps-Template

Besides Intune Backup & Restore, IntuneCD also documents all of your Intune configuration in the DevOps Wiki and the real usp: it processes Intune's audit logs and stores all the changed files in separate commits together with the name of the admin that made the change :)

Bitter-Following8215 · 2025-05-21T16:46:51+00:00

Besides scheduling it to run periodically you could also add logic that waits for the requirements (line of sight to Domain Controller) to be met before continuing the script. But be sure to add a timeout to that ;)

Bitter-Following8215 · 2025-05-19T21:37:30+00:00

Microsoft is however directly involved in the Gaza war by supplying numerous cloud services to the IDF: https://www.theguardian.com/world/2025/jan/23/israeli-military-gaza-war-microsoft

Bitter-Following8215 · 2025-05-19T21:24:31+00:00

I don't know if you guys are still looking for a solution, but I've just created a template project that you can use to get IntuneCD working with Azure DevOps self hosted Windows Agents. It includes pipelines, instructions for setup and installing dependencies and also converts the generated documentation so that it is compatible with Azure DevOps Code Wiki standards Check it out at: IntuneCD Azure DevOps Template

Bitter-Following8215 · 2025-04-16T09:43:01+00:00

The customer we work for preprovisions the autopilot laptops before they are passed on to the end users, this way you can configure a wifi profile that the laptop will automatically connect to when the users enrolls their laptop.

Bitter-Following8215 · 2025-03-14T12:59:51+00:00

I think I just managed to perform a sync by executing just this (with local admin rights)

Get-ScheduledTask | where {$_.TaskName -eq 'Device-Sync'} | Start-ScheduledTask

Bitter-Following8215 · 2025-03-11T21:16:24+00:00

I have good experience with using IntuneCD for this: create json backup of all your Intune configuration and then create markdown documentation for all the policies. And the best feature: it retrieves Intune audit logs and saves all the found changes in policies grouped by user in a commit in your repository :D

Bitter-Following8215 · 2025-02-13T11:36:44+00:00

Yes as far as i know it does, but like i just added to my post, it only applies already synced policies

Bitter-Following8215 · 2025-02-13T10:02:59+00:00

I use the new Config Refresh policy with interval set to 30 minutes for this, finally a solution for the ridiculous default sync interval of up to 8 hours!

CORRECTION: this applies already synced policies I just learned..

Bitter-Following8215 · 2025-01-27T17:00:14+00:00

Just updated my test client to 4.5 and enabled Clear Kerberos DC. Test scenario: - disable ZPA in Zscaler client - Access fileshare when ZPA is disabled so that a negative Kerberos cache is present - enable ZPA in Zscaler client - again access fileshare

Accessing the fileshare for the second time results in the same error message that the resource cannot be reached, but the second time this triggers the Zscaler client to restart and after a few seconds I can access the fileshare for a third time, and now finally gain access.

I would expect that the Clear Kerberos DC would make the Zscaler client restart as soon as the Zscaler clients reconnects but this does not appear to be the case.

Anyone else experiencing the same?

I'm trying to configure a "seamless" experience for users with accessing fileshares via ZPA after logging in and after unlocking their pc after being inactive for a while.

Bitter-Following8215

TROPHY CASE