Blog Posts

Encrypting Sensitive Data for Transit or Rest with PowerShell

This blog is about how you can use the .Net cryptography model to encrypt and decrypt sensitive information such as passwords with PowerShell. It is specifically for the encryption in transit and encryption at rest scenarios, where, for example, you may be sending data to a backend service and securely storing it in that service. … Continue reading Encrypting Sensitive Data for Transit or Rest with PowerShell

Create Compatibility Collections in ConfigMgr for Windows 11 22H2

When Windows 11 was first released I published some resources for creating collections in ConfigMgr containing workstations in their various "update readiness" states, such as whether they are capable for upgrade, if they are blocked by the common blockers like CPU family or by a safeguard hold, for example. Here I am publishing the same … Continue reading Create Compatibility Collections in ConfigMgr for Windows 11 22H2

Automate a Daily Activity Log Audit Report for an Azure Subscription

Yesterday I published a PowerShell script that retrieves activity log events for an Azure subscription. In this post, I will demonstrate how you could automate a daily email summary report of activities in your subscription using Azure automation. The email report looks something like this, with a summary of operations performed over the last 24 … Continue reading Automate a Daily Activity Log Audit Report for an Azure Subscription

Audit Events in Your Azure Subscription with PowerShell

Update! v.1.1 released fixing a bug where the most recent events were not being returned (2022-09-13) A quick post - I just published a new script for retrieving activity log events for an Azure subscription as the current options for searching and retrieving events didn't satisfy me. Azure Monitor has an activity log at the … Continue reading Audit Events in Your Azure Subscription with PowerShell

DIY Windows Provisioning – a Solution Example

Some time ago I created a custom solution to provision Windows workstations and in this blog I wanted to share how that solution works. This is not a community solution but simply an example of what can be possible with a little creativity and technical know-how! I work for an American company with a global … Continue reading DIY Windows Provisioning – a Solution Example

Get Group Membership for Intune Managed Devices with PowerShell

Just a quick one - Microsoft just added the Device group membership report to Endpoint Manager (service release 2206) which is pretty handy: We can also get group membership with PowerShell. The function below lets you pass either a device name or Azure AD Id and it will return the group and transitive group membership. … Continue reading Get Group Membership for Intune Managed Devices with PowerShell

Enhance Update Compliance Reporting with Azure Automation

In my last blog I provided an Intune Proactive remediations script that can be used to gather additional Windows Update information from your managed Windows devices and send the data to an Azure Log Analytics workspace to enhance your Windows Update reporting together with Microsoft's Update Compliance solution. In this blog, I will provide an … Continue reading Enhance Update Compliance Reporting with Azure Automation

Enhance Update Compliance Reporting with Microsoft Endpoint Manager

If you're using Windows Update for Business in Microsoft Endpoint Manager you're probably also using Microsoft's Update Compliance solution for reporting. Update Compliance contains some useful data and I know the team are working on additional improvements. A while back I created my own "Update Compliance" solution in part because I wasn't happy with the … Continue reading Enhance Update Compliance Reporting with Microsoft Endpoint Manager

Beware of Changing Regional Format after Intune Enrolment

Today I discovered an interesting bug with the Microsoft Intune Management Extension that hopefully you never have to come across. It surfaced on devices that were deployed with Windows Autopilot using a US-English base image, but because they were intended for use in the UK not the US, our deployment process installs the UK language … Continue reading Beware of Changing Regional Format after Intune Enrolment

Script Viewer for Microsoft Endpoint Manager

It's been a while since a published a community UI tool - I used to have fun doing that back when I had time...😆 This one is something I created a while ago actually but as I needed to use it a few times I decided to finish it off and publish it. It's a … Continue reading Script Viewer for Microsoft Endpoint Manager