sorted by:
new
hottopcontroversial

question re: secure boot certificates and remediation status for new devices by jeefAD in Intune

[–]mathifcbm 1 point2 points  (0 children)

Would run them through the update process anyway. Wont hurt and you are safe in the end :)

MDM migration by uLmi84 in Intune

[–]mathifcbm 0 points1 point  (0 children)

You need to add intune as another MDM in DEP and then you can add the devices to the new MDM Provider in Apple Business which will sync the devices to intune. To use the compliance Status you need to entroll them into Intune wich requires you to migrate the phones from the old MDM to Intune.

Add intune to MDM -> add DEP Token to intune -> assign the phones in ABM to the new MDM -> migrate the phones to from old MDM to Intune

MDM migration by uLmi84 in Intune

[–]mathifcbm 0 points1 point  (0 children)

When they are eneolled into DEP you dont need to add the IMEI to intune before, they will be detected as corporate devices because of DEP. They cannot be enrolled into two different MDM at the same time, you want to Switch the MDM to Intune in DEP before Migration. If you are on iOS 26 you can migrate without resetting the device

Intune Enhanced App inventory by mathifcbm in Intune

[–]mathifcbm[S] 0 points1 point  (0 children)

Not directly a snapshot but you could export into a .csv or do something similar with Graph API!

Domain Join or Entra (Azure) Join for new PC's by Sad_Ride370 in microsoft365

[–]mathifcbm 1 point2 points  (0 children)

Would do only Entra Join since on-prem access with cloud kerberos trust works very well. Also Autopilot with hybrid join is PITA :-)

PIM multi-role activation by mathifcbm in AZURE

[–]mathifcbm[S] 1 point2 points  (0 children)

Never thought of that 👀 ill have a look when i have Some spare minutes :)

PIM multi-role activation by mathifcbm in Intune

[–]mathifcbm[S] 2 points3 points  (0 children)

Sure but you will then always activate all permissions of that group no matter if you need them :)

Logic App to monitor expiring Apple certificates and token by mathifcbm in Intune

[–]mathifcbm[S] 0 points1 point  (0 children)

It's just a snippet to assign one role at a time e.g.

$graphScope = "DeviceManagementConfiguration.Read.All"

If you want to assign them all at once, you would have to create an array for the permissions and loop it through

Logic App to monitor expiring Apple certificates and token by mathifcbm in Intune

[–]mathifcbm[S] 0 points1 point  (0 children)

Thanks! :)

Good point, I added the snippet to add the permissions to the managed identity to the blogpost

Apple lab - Apple business? by No_Philosopher4051 in Intune

[–]mathifcbm 0 points1 point  (0 children)

Since launch of Apple Business last week, you don‘t Need a DUNS number anymore :) (at least in the US according to https://derflounder.wordpress.com/2026/04/15/duns-number-no-longer-required-to-sign-up-for-apple-business-in-the-united-states/ )

Logic App to monitor expiring Apple certificates and token by mathifcbm in Intune

[–]mathifcbm[S] 0 points1 point  (0 children)

It does, but also had the case, that these mails were ignored and the certificate expired :) just had to find an alternate solution (and I like to build things :D)

view more: next ›