Right Click Tools earned its reputation by streamlining endpoint management within Microsoft Configuration Manager. Now, Recast Software has extended those capabilities to Microsoft Intune with a free browser extension—Right Click Tools for Intune Community Edition. This browser extension is designed to bring familiar, efficient device management actions directly into your Intune console. Unifying Co-Managed Device Actions in a Single Interface For IT teams juggling on-premises, co-managed, and Intune environments, managing devices requires switching between multiple consoles. The new extension, available for both Chrome and Edge, changes that by integrating essential right-click actions directly within Intune. Here’s how it works: ·…
Author: Eswar Koneti
Introduction: Windows Hello for Business is a game-changer for enterprise security, offering a seamless and secure way to authenticate users on Windows devices. It replaces traditional passwords with biometric authentication (like facial recognition or fingerprint scanning) and a backup PIN. This PIN acts as a secondary authentication method, ensuring users can still access their devices even if biometrics fail or aren’t available. While Windows Hello for Business enhances security and simplifies the login process, it’s not without its challenges. One such issue I recently encountered involves the PIN reset functionality. Specifically, when users attempt to reset their PIN from the…
In this blog post, we’ll walk through the steps to migrate Microsoft 365 (Office) updates from SCCM/MECM to Intune for devices that are co-managed or fully managed by Intune. This process is part of a broader cloud migration strategy, enabling organizations to manage Office updates via Intune for a subset of devices or all devices. This guide is applicable to both co-managed and fully Intune-managed devices. Let’s dive in! Requirements Scenario: You have hundreds of Windows devices that are co-managed, with Microsoft 365 updates currently managed by SCCM. As part of your cloud migration to Intune, you want to…
Managing Intune managed device health, compliance, and updates across an organization can be a complex task, especially when dealing with various data sources. By integrating Intune device data with Windows Update for Business (WUfB) data in Log Analytics, you can gain powerful insights into the status of your devices, their security compliance, and update history. This approach simplifies reporting and troubleshooting by combining device inventory information with patch management in a centralized location. Before diving into the combing of the Intune data and WUfB data, here’s what you’ll need: Prerequisites: Intune Logs in Log Analytics: You must configure Intune to…
In this blog post, we'll explore how to detect the source of registry key modifications on a Windows device. In other words, we'll look into identifying who is adding, deleting, or changing registry keys, whether through Group Policy (GPO), Intune, SCCM, scripting, or other methods. Scenario: BitLocker Recovery Mode While investigating an event related to exceeding the maximum failed sign-in attempts that caused a device to enter BitLocker recovery mode, I have come across an interesting finding. For a full list of BitLocker recovery scenarios, you can refer to the official Microsoft documentation. Here’s how the situation cracked: I selected…
I recently had a conversation with a customer about Windows Update for Business (WUfB) deployment services and devices managed by Intune. Customer using MECM/SCCM and all of the WUfB workloads are moved to Intune. If you'd like to learn more about WUfB, you can refer to the official documentation here. During our discussion, we focused on improving the security posture of devices through timely Windows updates. To enhance compliance with Windows Update policies, the first step is to gather statistics on the update status of Intune-managed devices. A few months ago, I shared a post on how to identify whether…
Recently, I received a request from a customer to identify users who have enrolled their mobile devices, specifically iOS and Android, managed by Intune. Initially, I explored the Intune console, applying filters based on the operating system to generate a list of mobile devices and their associated users. However, this approach only provided a basic view, requiring me to export the data to a CSV file and use Excel formulas to identify users with both iOS and Android devices—an arduous and time-consuming process. Streamlining the Process with KQL and Power BI To simplify this use case, I turned to KQL…
Managing Windows endpoints with SCCM (System Center Configuration Manager) and co-management enabled can be challenging, especially when dealing with co-management issues. In this post, I’ll share insights and troubleshooting steps to help you resolve issues with devices that are supposed to be co-managed by Intune but aren’t appearing as expected. Background I recently worked on a Power BI report designed to compare devices listed in Active Directory (AD) with those in Intune (via Log Analytics) based on their last logon status. The goal was to identify devices that are co-managed or Intune-enrolled. During this process, I noticed that hundreds of…