Mike's MDM Blog

Tag: Remediations

  • Create or set Registry Keys using Intune Remediation scripts – Part 2

    Create or set Registry Keys using Intune Remediation scripts – Part 2

    Today in Part 2 on how to create or set Registry Keys using Intune Remediation scripts, I want to show you how easy you can modify Regkeys for all users or keys that need additional permissions for the currently logged on User. In Part 1: I covered, how you can set a specific Regkey for…

  • Custom MacOS Client Inventory Data – Reporting Series Part 5

    Custom MacOS Client Inventory Data – Reporting Series Part 5

    Inspired by the cool blog article about collecting custom MacOS inventory data to an Log Analytics Workspace:https://ugurkoc.de/collecting-customized-inventory-data-on-macos-devices-using-intune/I modified his script to upload the data using our Azure Function App from Part 1 of our Reporting Series to our existing Cosmos DB. If you haven’t seen it, check it out now: Part 1 Architecture As a…

  • Enhance PowerBi Report with UEFI / BIOS Settings – Part 4

    Enhance PowerBi Report with UEFI / BIOS Settings – Part 4

    Today I want to show you, how you can enhance our Inventory data that we created in our reporting series with UEFI Setting for Dell, HP and Lenovo Client devices. If you haven’t seen the reporting series, check it out here: Part 1, Part 2, Part 3 Cosmos DB First thing we do, is to…

  • Intune Remediation to verify BitLocker keys are uploaded to Entra ID

    Intune Remediation to verify BitLocker keys are uploaded to Entra ID

    Today I want to show you how you can check if the BitLocker Key Backup to Entra ID (AzureAD) was successfully done. We have configured BitLocker encryption in Intune to silently encrypt the system drive and automatically upload the recovery key. Usually these Settings should ensure, that the device is only encrypted if the Recovery…

  • Organizational messages in Microsoft Intune and custom messages via Powershell

    Organizational messages in Microsoft Intune and custom messages via Powershell

    Today I want to talk about Organizational messages in Microsoft Intune, what you can do with them and what you can do, if you need a more customizable notification area message, than what is currently possible in Intune. Organizational messages Let’s start with what are Organizational messages. They are a really cool new feature, that…

  • Deploy a basic WDAC Policy with Intune as managed Installer

    Deploy a basic WDAC Policy with Intune as managed Installer

    Today I want to show you, how you can deploy a basic WDAC (Windows Defender Application Control) Policy that uses the Intune Management Extension (IME) as managed Installer to allow only Apps that are deployed via Intune. WDAC Policy At first we start creating a basic WDAC Policy, using the officia WDAC Wizard from: https://webapp-wdac-wizard.azurewebsites.netWe…

  • Create or set Registry Keys in Intune using (Proactive) Remediations

    Create or set Registry Keys in Intune using (Proactive) Remediations

    Today I will show you, how you can create or set Registry Keys using Intune (Proactive) Remediations. For (Hybrid) Domain joined Clients we used Group Policy Preferences to set these RegKeys, but as there is no such thing for Azure AD joined Clients, we will use a small remediation script for this. As an example,…

  • Verify and replace Files with Proactive Remediations in Intune

    Verify and replace Files with Proactive Remediations in Intune

    Today I will show you how you can verify (small) files like configuration files with (Proactive) Remediations in Microsoft Intune. We can use this to replace Group Policy Preferences File rules, as long as the files are smaller then 200KB, if they are bigger i would suggest to wrap it in a Win32 Application, then…