With the introduction of the new Microsoft store you might want to remove the legacy store apps from your apps list in Intune.
Author:
If you create an App Registration in Azure AD for a 3th party application you might want to limit the rights of this 3th party application.
For example you have a 3th party application which you want to access a specific mailbox to read mail from you would like to limit access to this specific mailbox only. To make sure that the application is not able to read the mailbox content of the CEO you need to implement an Application Access Policy.
Note: You need to have an Azure AD license to use Application Access policy’s.
If you are using a print server and you would like to deploy network printers to endpoints you can follow the steps below.
- Gather your printer drivers
Download your specific printer drivers. And save them to a folder.
In my example I use a Konica printer driver.
To run a PowerShell script as a Win32 perform the following actions:
- Wrap the PowerShell with the Intune wrap utility
- Create a Win32 App in the MDM portal
- Use as install command:
- powershell.exe -executionpolicy bypass -windowstyle hidden -file PowershellScriptName.ps1
- Finish of the appliciation
Follow the steps below to deploy a local (network) printer with Intune. If you want to deploy a network printer and drivers follow the steps in this link.
-
- Gather your printer drivers
Download your specific printer drivers. And save them to a folder. In my example a Ricoh Universal Print driver. I created a Folder Printer Drivers with a subfolder Ricoh Universal Print v4.30 and with the drivers files.
Continue reading
- Gather your printer drivers
Get list of MSI GUID of installed applications:
get-wmiobject Win32_Product | Format-Table IdentifyingNumber, Name, LocalPackage -AutoSize
Create group tags to auto populate groups with devices.
Use the upload-windowsautopilotdeviceinfo script with the -grouptag option to automatically set the group tag.
Or set it manually in the intune console
Continue reading
When I deploy applications into Intune I always deploy some usefully management applications which I can use in other application.
Some tools which I always deploy to a end device are:
- CMTrace.exe
This is a tool which become handy when you want to read log files like the Intune Management Extension logs. - SetUserFTA.exe & SetDefaultBrowser.exe
Both tools from https://kolbi.cz/blog/. Very handy if you want to set FTA and Default browsers with Intune policy’s - nircmd.exe
I use nircmd to run command files hidden for users. Otherwise when running a command file a command windows can pop-up in the user session.
Below the code used to connect to Office 365 with Powershell.
#Ask for O365 Credentials $Credentials = Get-Credential #Build session to O365 with specified credentials $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Credentials -Authentication Basic -AllowRedirection Import-PSSession $Session