Back in March 2021 I was invited to contribute over at https://MSEndpointMgr.com

In this post we will look at the Office File Transfer feature and implement a simple solution to prevent “one way” that users can leak corporate data.

In this quick post we will be removing built-in Windows 11 apps, for all users, and optionally showing you how to leverage a “Cloud-Source” as a reference file to select apps for removal.

Many organsiations, against strong advice, still allow some users to install apps on their devices. Quite often this is applicable to software developers and IT admins, both being given permission to install apps to “test it works”. The old argument was that IT simply could not turn around app packages in Intune of ConfigMgr to keep up with the demand from developers

In this post I will show you how to use Proactive Remediations and Log Analytics, together, to ensure Windows Update Settings are Optimal and Compliant on your devices. This post comes on the back of a session both Aria Carley and I presented at #MMSMOA this year - Fun times!

In this post I will show you how to easily install network printers with Intune using win32 apps and PowerShell.

Background

Before you can begin to process Update Compliance data from your devices, you must first ensure that they meet the requirements to participate in the Update Compliance process. Update Compliance uses Windows client diagnostic data for all of its reporting. It collects data for update deployment progress, Windows Update for Business configuration data, and Delivery Optimization usage data. Collected data is sent to a customer-owned Azure Log Analytics workspace.

Welcome to this new blog series which will hopefully demystify SSO to domain resources from Azure AD Joined devices - and get you up and working quickly with a comprehensive guide on AOVPN configuration.

Deploying Windows 10 Feature Updates in your organisation can be approached in multiple ways. As we merge the perimeter with the Cloud some of us are trying to understand the best way to deliver Feature Updates to our devices. Should we deploy an in-place upgrade using a ConfigMgr task sequence? Perhaps we should push the Feature Update directly from ConfigMgr to our devices. Have we considered leveraging our CMG and using Microsoft as a source for the update binaries to save our VPNs? Maybe some of us are on a co-management journey and are looking at using WUfB. Which ever technology we are leveraging one of the questions that normally gets asked is “Can we control the update process in a way that lets us ‘Run Stuff’ after the Feature Update has completed”.