Recently, I was setting up a new Configuration Manager (SCCM) environment as part of a side-by-side migration. One of the key configuration tasks was to replicate the Software Update Point (SUP) settings — particularly the Products selected for synchronization — to match the existing production environment. Before configuring the new SUP, I needed a list of all the products currently enabled on the old SCCM server for review and comparison. Available Options to Export the SUP Products List There are several ways to export the list of Software Update Point products from SCCM: Manual Method — Browse the console under…
Author: Eswar Koneti
Introduction: I was recently working on the rollout of a passwordless authentication solution in Microsoft Entra ID, which included Windows Hello for Business and Passkeys (FIDO2 security keys). As part of that rollout, one of the requirements was to identify all users and their registered authentication methods — things like MFA, Self-Service Password Reset (SSPR), and passwordless capability. While the Entra admin portal provides a view of this information under Authentication methods, however if you are looking for a way to export the data directly to a CSV file using PowerShell makes it much easier to process in Excel, Power…
Recently, I worked on an SCCM report that compares the list of applications installed on two different computers—typically an older device and a new PC. This is particularly useful in scenarios such as hardware migrations or system upgrades or Virtual to physical migration, where you need to ensure that users have the necessary applications on their new devices. Why This Report is Useful: Though customer is using SCCM for application deployments, but there is no standard practice of automated deployments of applications such as user/device based requests etc. During the process of migrating users to new hardware, the management of…
Recently, I came across an insightful blog post on X (formerly Twitter) by Peter, discussing dynamic group creation for Intune deployments. Inspired by that, I wanted to share my own method—using regular expressions (regex) in Entra ID dynamic groups to build deployment rings based on percentage logic for Intune. 🧩 The Use Case Imagine managing 3,000 Windows devices across different locations, regions, or countries. You want to stage your Intune deployments in phases—starting with a pilot, then gradually rolling out to production in multiple rings. Here’s a rollout schedule I prefer (though you can adjust the % as needed): Ring…
Have you ever needed to extract a complete list of all Win32 applications in Microsoft Intune along with their properties, detection rules, and requirement rules? Few years ago, I wrote a blog post about extracting SCCM application properties from XML files stored in SQL. Now, with Intune becoming the primary endpoint management solution, I had a similar requirement—exporting all Win32 apps with their full details, including: ✅ Install/Uninstall command lines ✅ Detection rules (Registry, File, MSI, Script) ✅ Requirement rules (Architecture, Scripts, Dependencies) ✅ Creation & last modified dates ✅ Dependencies (if any) Since Intune doesn’t provide a built-in export…
Right Click Tools earned its reputation by streamlining endpoint management within Microsoft Configuration Manager. Now, Recast Software has extended those capabilities to Microsoft Intune with a free browser extension—Right Click Tools for Intune Community Edition. This browser extension is designed to bring familiar, efficient device management actions directly into your Intune console. Unifying Co-Managed Device Actions in a Single Interface For IT teams juggling on-premises, co-managed, and Intune environments, managing devices requires switching between multiple consoles. The new extension, available for both Chrome and Edge, changes that by integrating essential right-click actions directly within Intune. Here’s how it works: ·…
Introduction: Windows Hello for Business is a game-changer for enterprise security, offering a seamless and secure way to authenticate users on Windows devices. It replaces traditional passwords with biometric authentication (like facial recognition or fingerprint scanning) and a backup PIN. This PIN acts as a secondary authentication method, ensuring users can still access their devices even if biometrics fail or aren’t available. While Windows Hello for Business enhances security and simplifies the login process, it’s not without its challenges. One such issue I recently encountered involves the PIN reset functionality. Specifically, when users attempt to reset their PIN from the…
In this blog post, we’ll walk through the steps to migrate Microsoft 365 (Office) updates from SCCM/MECM to Intune for devices that are co-managed or fully managed by Intune. This process is part of a broader cloud migration strategy, enabling organizations to manage Office updates via Intune for a subset of devices or all devices. This guide is applicable to both co-managed and fully Intune-managed devices. Let’s dive in! Requirements Scenario: You have hundreds of Windows devices that are co-managed, with Microsoft 365 updates currently managed by SCCM. As part of your cloud migration to Intune, you want to…