Microsoft Intune

Best Practices for Securing Microsoft Intune

Microsoft's Intune Customer Success team has published a security hardening guide covering least-privilege admin role assignments, phishing-resistant authentication, privileged access hygiene, and Multi Admin Approval for sensitive configuration changes.

Mar 14, 2026

Rethinking "Allow My Organisation to Manage My Device" — Why Opt-In Enrollment Works Better for Intune

Microsoft has introduced a public preview toggle that allows admins to block automatic MDM enrollment triggered during Windows modern app sign-in. The change addresses BYOD, mixed device ownership, and multi-tenant deployment scenarios.

Mar 5, 2026

Migrating Frontline Mobile Devices: A Frontline-First Approach to Moving to Microsoft Intune

Practical migration guidance for organisations moving frontline mobile fleets to Intune, covering reliability planning, app continuity, connectivity, certificate dependencies, and infrastructure prerequisites.

Mar 30, 2026

Deploying Windows LAPS with Microsoft Intune: A Complete Walkthrough

A step-by-step guide to rolling out Windows Local Administrator Password Solution across your Intune-managed fleet, including policy configuration, reporting, and migration from legacy LAPS.

14 min read · Intermediate

Understanding Autopilot v2: Enrollment Profiles, ESP, and Common Failure Modes

Windows Autopilot v2 changes how enrollment profiles work. This guide covers device preparation, the Enrollment Status Page, and a decision tree for diagnosing the most common deployment failures.

16 min read · Intermediate

Get-StaleDevices

Identifies devices inactive for a configurable threshold across Intune, Entra ID, and on-premises Active Directory. Outputs CSV and HTML reports with remediation actions.

PowerShell · 318 stars

Export-IntuneDeviceReport

Uses the Microsoft Graph API to export a full Intune device inventory including compliance state, OS version, last check-in, and primary user to CSV or JSON.

PowerShell · 389 stars