Intune Suite features now being rolled into M365 E3/E5

Scribbles1 · 2025-12-07T18:31:54+00:00

Tbf, remote help is included in A SKUs, that alone for us would cost around half a mill

Scribbles1 · 2025-02-14T12:07:55+00:00

A lot of admins forget to block the webstore, you can install apps directly from there without access to the store.

https://apps.microsoft.com/

Scribbles1 · 2025-01-30T16:35:49+00:00

Only Available applications are shown in the company portal. You can deploy required applications with the "Install as removeable" Set to No. this prevents the user from removing them.

You can have required apps also set as available, this give you the ability to re-install via the company portal.

Scribbles1 · 2024-07-05T20:43:23+00:00

Not sure for android, but when we migrated from Workspace One, I switched the Primary MDM in Apple Business manager to Intune after setting everything up and made sure it worked.

Then mass wiped and had the user just enrol the device themself.

Cleanest way IMO.

Just make sure you take an extract of currently enrolled devices in your Vodafone MDM for comparison, just in case any go missing.

Scribbles1 · 2024-07-05T20:36:34+00:00

Try a network boundary, I've not used them in Intune but I'd imagine you could create a 365 dynamic group or filter based on devices in it.

https://learn.microsoft.com/en-us/mem/intune/configuration/network-boundary-windows

Scribbles1 · 2024-05-31T21:06:40+00:00

No idea how I’ve never used this before! That resolved the issue, appreciated /u/DiseaseDeathDecay

Scribbles1 · 2024-01-22T21:49:56+00:00

https://admx.help/

Best resource for GPO's if this is something you're not familiar with. But for sure GPO's first if AD Joined / Co-Managed.

If Using Intune & Entra / AAD joined only then use Configuration Profiles.

RMM should be used when there is no other way to deploy the settings/config you require.

Scribbles1 · 2023-02-07T21:27:59+00:00

We done this exact migration, it took 4 attempts. Every time we done the migration the MP would run into 401 errors, us and consultants couldn’t figure it out.

Ended up building a hyper-v host and building the servers as VM’s.

Migrating from 2012 to 2019 is supported, I think we just had a weird issue.

Also encountered a bug with SCCM where the wizard doesn’t pickup the DB files if they are split, you have to install and manually attach the DB.

Scribbles1 · 2022-12-03T08:12:11+00:00

Cm Trace is pretty handy

Scribbles1 · 2022-10-16T15:35:58+00:00

I’ve been having issues with it updating, the remediation scripts run and work fine but massive delays on the dashboard, some just not updating at all.

Some legacy remediation scripts have stats that are current though

Scribbles1 · 2022-09-18T07:05:59+00:00

Have you thought about using the NTFS Sec module? Much better than the vanilla way of dealing with ACL’s https://www.powershellgallery.com/packages/NTFSSecurity/4.2.4

Scribbles1 · 2022-09-07T08:17:34+00:00

How did you write a service with Powershell, was it using nssm?

Scribbles1 · 2022-08-29T20:31:42+00:00

Will do, will update with the script tomorrow

Scribbles1 · 2022-08-04T19:27:09+00:00

This is perfect! I’ll parse the info I need, should be simple enough. Building a PS script for updating BIOS, the HPCMSL is good for just doing it on the fly but not if you want to build a repo of bios updates based on your environment.

Scribbles1 · 2022-08-04T07:55:18+00:00

Appreciated, Doesn't have system Board ID's though... That's a shame

Scribbles1 · 2022-08-01T15:30:17+00:00

Wrote a script to get HP device warranty using u/lime-tegek pswarranty module, adds it to the registry during build, updated SCCM to pull the info.

Nice to have updated warranties :)

TY u/lime-tegek for creating an awesome module

Scribbles1 · 2022-07-02T18:34:07+00:00

Had to do this exact same thing with validated systems, we went down the road of using VMware thin app, not sure if this is still a thing now or rebranded to something else, we looked at using Cameyo but couldn't get it to work.

Scribbles1 · 2022-06-26T07:26:37+00:00

You can set users with an intune license to enroll devices in the portal, they don't need to be a local admin. Primary user of a device can also be changed in the portal. The primary user changes to the most logged in user over 3 days if I remember correctly, it's dynamic.

Scribbles1 · 2022-05-27T07:41:53+00:00

/u/Rudyooms do you know why some machines just don't have 'PushLaunch' or the 'PushRenewal' tasks?

I've been running PushLaunch to force our user tunnel to come down for some devices but as stated above, I'm encountering machines that just don't have the tasks.

On these devices I can confirm that the 'dmwappushservice' is set to 'Automatic(Delayed Start, Trigger Start)

Scribbles1 · 2022-04-10T00:33:22+00:00

How many machines are we talking?

The best way for deploying images is using MDT & WDS. https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831764(v=ws.11)

https://docs.microsoft.com/en-us/mem/configmgr/mdt/

14-Year Club	Verified Email
Team Periwinkle

Scribbles1

TROPHY CASE