Here is how you can improve your Intune Device Compliance Reporting using Microsoft Graph, PowerShell and KQL. Good reporting requires context Dashboards are everywhere. Almost no application comes without reporting, which is good. Management likes reporting, IT Managers like Compliance Reporting. Compliance metrics is a must have in a modern Operations. Intune makes it easy to verify that devices comply to certain policies. However, if you’re running the thing and are responsible to improve the percentage of compliant devices, you may have recognized that the reporting features of Intune have some limitations in terms of filtering, drill down capabilities and quantitification options.

This is a writeup of a session that I gave at WP Ninja Summit 2022 You must have Conditional Access! If you don’t already have it. Seriously! As soon as possible. It’s the most effective way to prevent successful phishing attacks against your Microsoft 365 services like Teams, Exchange Online and OneDrive. If you don’t have CA or MFA anyone can login with username and password. But rolling out MFA is a difficult task which involves a lot of user eductation.

This is the third of four posts where I will describe how to deploy Zscaler Client Connector (aka the app) to the different OS platforms Zscaler and Intune support. The goal is to deploy the app and prepopulate all required information to the app to create as little user friction as possible. Topic of today is Windows. For Windows it’s a relatively simple task if you have an AAD joined or Hybrid AAD joined device.

Since this blog is my personal brain dump helping me to clarify things I learn, I decided to create a link list. Sometimes you read things that you may want to check again, but your search history doesn’t help you finding the page again. This link list provides all the links I found helpful on the way to learn a certain topic. MEM & macOS Deploying macOS apps with the Intune scripting agent Use shell scripts on macOS devices in Intune Microsoft Intune management agent for macOS MEM & Windows Update Rollout options for Windows Updates in Microsoft Intune Safeguard holds KQL & Security Maintaining a well managed Azure AD tenant with KQL Powershell & Security Incident Response In A Microsoft Cloud Environment

This is the second of four posts where I will describe how to deploy Zscaler Client Connector (aka the app) to the different OS platforms Zscaler and Intune support. The goal is to deploy the app and prepopulate all required information to the app to create as little user friction as possible. I continue with macOS. This is what it will look like. Well that was silent wasn’t it? So let’s see how to deploy Zscaler with Intune - without notarization or an Apple Developer Account.

This is the first of four posts where I will describe how to deploy Zscaler Client Connector (aka the app) to the different OS platforms Zscaler and Intune support. The goal is to deploy the app and prepopulate all required information to the app to create as little user friction as possible. I start with iOS. This is what it will look like. To achieve this, we need to configure a few things