Blog Posts

Creating Compatibility Collections for Windows 11 in MEMCM

The other day I tweeted a screenshot of collections I had created in MEMCM for Windows 11 based off custom inventoried data - this post is just to explain how they were created and provide scripts and files for you to do the same if you wish. https://twitter.com/SMSagentTrevor/status/1446523800246489089 The data is inventoried from Windows 10 … Continue reading Creating Compatibility Collections for Windows 11 in MEMCM

Windows 11 Hardware Readiness Report for Power BI

So, Windows is 11 is out and Microsoft recently added Windows 11 hardware readiness insights to Endpoint Analytics in Microsoft Endpoint Manager allowing you to identify which devices in your Intune tenant are eligible for upgrade and which are not and why. Read the official announcement here. To supplement this report, I've created a Power … Continue reading Windows 11 Hardware Readiness Report for Power BI

MEMCM Client Content Downloads Report for Power BI

I was checking out some reports recently for client data sources (DP, BranchCache etc) for MEMCM content downloads and I realised that the total volume of data was being calculated incorrectly for devices that are members of more than one boundary group. Even the Client Data Sources dashboard in the MEMCM console has this issue … Continue reading MEMCM Client Content Downloads Report for Power BI

Report on Overlapping Boundaries in MEMCM

Having boundaries that overlap with other boundaries can be a royal pain in MEMCM if those boundaries are in different locations - unless identified and sorted out you can potentially have clients getting content from undesired sources - across the continent or even across the world in some cases! I prepared the following script that … Continue reading Report on Overlapping Boundaries in MEMCM

Use Proactive remediations to report on or install the Microsoft Update Health tools

Microsoft recently made a download available for their Update Health tools - if you're using Microsoft Endpoint Manager and enrolling or co-managing Windows devices these tools need to be installed to make use of the capability for expediting quality updates. For devices connected to Windows Update or Windows Update for Business these tools should already … Continue reading Use Proactive remediations to report on or install the Microsoft Update Health tools

MEMCM Compliance Item Scripts to Secure PointAndPrint Registry Keys

Microsoft published some updated guidance yesterday for the Windows Print Spooler Vulnerability (CVE-2021-3457) and recommend securing a couple of Point and Print registry keys if they exist, in addition to deploying the security update: After applying the security update, review the registry settings documented in the CVE-2021-34527 advisoryIf the registry keys documented do not exist, … Continue reading MEMCM Compliance Item Scripts to Secure PointAndPrint Registry Keys

Querying Windows Build Version History with the Intune Data Warehouse and PowerShell

I had an interesting requirement recently which was to review the OS build numbers of a group of computers over time. This would reveal not only when they got patched, but which patches they installed and when they installed a feature update, for example. Since we aren't using the Data warehouse in MEMCM and our … Continue reading Querying Windows Build Version History with the Intune Data Warehouse and PowerShell

Create custom Intune reports with Microsoft Graph, Azure Automation and Power BI

Microsoft Endpoint Manager aka Intune has been around for a while now and has evolved quite significantly since its early days and the old Silverlight portal (remember that?). Historically Intune hasn't been particularly good with its reporting capability, but since end 2019 and the announcement of the new reporting framework, things are starting to improve … Continue reading Create custom Intune reports with Microsoft Graph, Azure Automation and Power BI

Get the current patch level for Windows 10 with PowerShell

I was working on some updates to our unified reporting solution for Windows Updates (ie WUfB + MEMCM) and I wanted to figure out simply from the OS build number whether a Windows 10 workstation has the latest cumulative update installed. The only reliable and useable static list I could find for Windows 10 build … Continue reading Get the current patch level for Windows 10 with PowerShell