Co-management (cloud attach) enables you to manage Windows 10 or later devices simultaneously by using both Configuration Manager and Microsoft Intune. For more information about co-management, please refer here. For a device to be co-managed, one of the pre-requisite is Windows devices must be connected to Azure AD using Hybrid Azure AD joined or Azure AD joined (cloud domain joined). Currently, co-management supports the following workloads. Co-management supports the following workloads: Compliance policies Windows Update policies Resource access policies Endpoint Protection Device configuration Office Click-to-Run apps Client apps Let's assume, you have enabled the cloud attach (co-management) and you have…
Author: Eswar Koneti
Using KQL - Creating Custom Workbooks to Distinguish intune wufb Managed from Unmanaged Devices
Using Intune remediation - check the windows license activation is subscription or KMS based #EMS #Intune #Remediation #scripts
Wufb (windows update for business) is feature in Microsoft Intune that allows organizations to manage and control the deployment of Windows updates across their devices. With WUfB, Intune administrators can define update ring policies and settings to ensure that devices within their organization receive the necessary updates in a controlled manner. This helps organizations maintain security and compliance by ensuring that devices are up to date with the latest patches and fixes. For more information about wufb deployments, please refer https://learn.microsoft.com/en-us/mem/intune/protect/windows-update-for-business-configure After you create the wufb ring policies and deployed, devices will receive the settings and start reporting to wufb…
Introduction: In Intune world of device management, the concept of the primary user plays a crucial role, especially when it comes to application deployments. In this blog post, we will explore the significance of the primary user and how it affects the installation of applications using the company portal in Intune. We will also discuss a practical scenario and share scripts that can help you manage and correct primary user assignments efficiently. The Definition of Primary User: According to Microsoft's article , https://learn.microsoft.com/en-us/mem/intune/remote-actions/find-primary-user#what-is-the-primary-user The primary user property is used to map a licensed Intune user to their devices in:…
Introduction: During my testing of Intune's delivery optimization feature using win32 apps, I encountered an issue where the installation option for an application was grayed out on one device while working fine on another. In this blog post, I will share my troubleshooting journey and explain the concept of primary users in Intune and how it affects app installations. Testing Environment: For the purpose of my testing, I selected two devices: PC1 and PC2. Both the devices are enrolled in Intune and made several apps, including Adobe Reader and other large apps above 500MB, available to the user group…
As many of you are likely already aware, Intune filters is a feature of Microsoft Intune that enables administrators to filter and target specific groups of devices or users based on certain criteria.This helps to manage devices and users in a more efficient and effective way by applying policies and configurations only to the devices or users that need them, rather than applying them to the entire organization.Some common use cases of using Intune filters include:Targeting policies and configurations to specific groups of devices or users based on location, department, device type, or any other attribute that is relevant to…
Azure Active Directory (Azure AD) Conditional Access is a powerful feature that allows administrators to control access to cloud applications based on specific conditions. These conditions can include factors such as location, device type, and network status. By using Conditional Access, administrators can ensure that only authorized users are able to access sensitive resources, and that these users are doing so from a secure location or device. This helps to protect the organization from potential security threats, such as cyber attacks or data breaches. Conditional Access can be configured for specific users, groups, or entire organizations, and can be applied…
