Intune

Checking for Updated Secure Boot Certificates

Posted on September 5, 2025 by Trevor Jones in Compliance, Intune, Powershell, Reporting, Security, Software Updates

A couple of months back Microsoft published a blog about Secure Boot certificates expiring in June 2026 and of the potential need to take action. It would appear that as long as Secure Boot is enabled, your OEM firmware is up-to-date, you are sending the right diagnostic data, and Windows updates are enabled, devices should … Continue reading Checking for Updated Secure Boot Certificates →

Next Generation Data Analysis – Connecting AI to your Database

Posted on July 14, 2025 by Trevor Jones in AI, ConfigMgr, Intune, PowerBI, Reporting, SCCM, SQL

Back when our company decided to migrate endpoint management workloads to Microsoft Intune from Microsoft Configuration Manager, I quickly realized we would be missing some key capabilities. Not least of which is comprehensive hardware inventory data which, to this day, is still sorely lacking in Intune. Having in-depth, customizable inventory on our Windows endpoints is … Continue reading Next Generation Data Analysis – Connecting AI to your Database →

Create a Catalog of Windows Update Data using Microsoft Graph

Posted on April 14, 2025 by Trevor Jones in Compliance, Intune, Powershell, Reporting, Security, Software Updates

For some time I have run my own reporting solution for Windows Updates since I've never really been happy with the canned reports Microsoft have created in Intune and Windows Update for Business reports, even to this day. As part of this solution I have had to gather data on Windows Updates, such as versions, … Continue reading Create a Catalog of Windows Update Data using Microsoft Graph →

Harnessing AI in PowerShell: Create a TimeZone Script for Windows Autopilot with AI

Posted on January 23, 2025August 29, 2025 by Trevor Jones in AI, Intune, Powershell

Get time zone from geolocation dataConvert IANA time zone to Windows time zoneAdd logging, error handling and create a summaryConclusion In this post I want to walk through a real-world example of creating a useable PowerShell script simply by prompting an AI model in conversation. The goal for this script is: to determine the appropriate … Continue reading Harnessing AI in PowerShell: Create a TimeZone Script for Windows Autopilot with AI →

Getting an access token for Microsoft Entra in PowerShell using the Web Account Manager (WAM) broker in Windows

Posted on November 28, 2024November 28, 2024 by Trevor Jones in Azure, C#, Intune, Powershell

Some months ago, in my quest to look at different methods for obtaining an access token interactively for Microsoft Graph in PowerShell, I wrote a simple PowerShell wrapper around the Microsoft.Identity.Client library, aka MSAL.Net - the supported MS library for authenticating with Microsoft Entra. Microsoft's apps and modules have been trending toward using the Web … Continue reading Getting an access token for Microsoft Entra in PowerShell using the Web Account Manager (WAM) broker in Windows →

Investigating Safeguard Hold 54762729 for Windows 11 24H2

Posted on November 8, 2024December 11, 2024 by Trevor Jones in Drivers, Intune, Powershell, Reporting, Software Updates

!! UPDATE 2024-11-12 !! Microsoft have now documented this safeguard as well as patching it in the December 10, 2024 Windows updates. Read more about it here. A few days ago I happened to be reviewing our feature update Power BI report and noticed that a number of devices were now being blocked from upgrading … Continue reading Investigating Safeguard Hold 54762729 for Windows 11 24H2 →

Intune Assignments Report

Posted on April 8, 2024 by Trevor Jones in Azure, Intune, PowerBI, Powershell, Reporting

If you've ever wanted to see all of your assigned items in Microsoft Intune in one place, my Intune Assignments report may be your friend 🙂 Using Azure automation, assigned items are exported from Microsoft Graph on a schedule and sent to an Azure storage account in CSV format. A Power BI report connects with … Continue reading Intune Assignments Report →

Deploying a Custom Power Plan with Intune Remediations

Posted on February 1, 2024 by Trevor Jones in Compliance, Intune, Powershell

For a long time I've used ConfigMgr to manage power settings on devices, but I recently decided to migrate this to Intune. There is more than one way to configure power settings in Intune, such as using the Settings Catalog or the Power Policy CSP. But these approaches do not (currently) allow management of all … Continue reading Deploying a Custom Power Plan with Intune Remediations →

Fix CVE-2022-29470 / Intel-SA-00875 / Nessus 180052 Intel Dynamic Tuning Technology Vulnerability with Intune

Posted on October 27, 2023January 26, 2024 by Trevor Jones in Drivers, Intune, Powershell, Security

Note: this blog is now retired since the download URL for the Intel DTT drivers is no longer available and I could not find an alternative. The text and scripts remain for reference only. I've never been a fan of security - I see it as nothing more than a necessary evil. I don't lock … Continue reading Fix CVE-2022-29470 / Intel-SA-00875 / Nessus 180052 Intel Dynamic Tuning Technology Vulnerability with Intune →

PowerShell Functions to Invoke an Intune Remediation Script on Demand and View Remediation States

Posted on July 12, 2023July 13, 2023 by Trevor Jones in Intune, Powershell

!! Updated 2023-07-13 - added additional versions of the functions using the Microsoft Graph PowerShell SDK (v2), as well as adding paging support to the original two functions. Microsoft recently released a preview capability in Intune to run Remediations (formerly Proactive remediations - stop changing the name of things, Microsoft, really!!) on demand, which is … Continue reading PowerShell Functions to Invoke an Intune Remediation Script on Demand and View Remediation States →