Intune – macOS – Outlook App-Restriction

In post explains how to restrict institutional accounts in outlook desktop app for macOS. Currently, Intune app protection policy feature is still not available for macOS platform. Below payload was created using profile manger, using the below payload, there are plenty of other restriction can be added but the below example is targeted to preventContinue reading “Intune – macOS – Outlook App-Restriction”

Intune – macOS – Set default user from Admin to Standard

By default, Mac devices enrolled via Intune ADE, the default user account gets admin privilege due to this reason, user management is not easy. This post covers how to mitigate this issue. Intune provides a way to run shell scripts and collect logs from mac devices easily. Device Join Type: Azure AD Joined Workplace joinedContinue reading “Intune – macOS – Set default user from Admin to Standard”

AzureAutomation – Hybrid worker – Create AD user

In this post, I would like to share a scenario on how we can run powershell scripts on the on-prem enviorment using azure automation. Runbooks that run on a Hybrid Runbook Worker typically manage resources on the targeted local computer or against resources in the local environment where the worker is deploye Here is anContinue reading “AzureAutomation – Hybrid worker – Create AD user”

Intune location based VPP token becomes invalid after a Apple business Manager account password reset

This article talks about an issue recently faced related to VPP Location based token to distribute Apple VPP Apps to Intune Managed devices. Figure 1: From Intune device Enrollment program Error: Check VPP Token Below one taken from the Intune–>ClientApps–>Apple VPP Tokens —> Properties Cause: Apple Business Manager Account Password Reset. Solution: 1) Login toContinue reading “Intune location based VPP token becomes invalid after a Apple business Manager account password reset”

Intune – Retire Managed Device and Remove stale entry from Azure AD

The below script will retire iOS device and remove the Azure AD device entry at the same time. when you retire a device from Intune it will only remove the device entry from the Intune portal but not in the Azure AD, it gets orphaned and it will remain as Azure AD Registered.  You canContinue reading “Intune – Retire Managed Device and Remove stale entry from Azure AD”

Intune – Connect MSGraph using PowerShell

In this article, I am going to show you how to connect Intune from PowerShell using registry stored credentials and also a sample script to get groups that are assigned to the volume purchased apps. Section 1: Storing Credentials in the registry It is in a way safe and easy approach to connect various azureContinue reading “Intune – Connect MSGraph using PowerShell”

Intune – Remove stale entry from Azure AD

There are options in Intune to remove stale after a period of time but that doesn’t mean it will also remove the stale device entry from Azure AD. There are plenty of things to consider even after removing the stale entry from Azure AD. Therefore, it is recommended to go through the below article. Ref:Continue reading “Intune – Remove stale entry from Azure AD”