Encrypting Sensitive Data for Transit or Rest with PowerShell

This blog is about how you can use the .Net cryptography model to encrypt and decrypt sensitive information such as passwords with PowerShell. It is specifically for the encryption in transit and encryption at rest scenarios, where, for example, you may be sending data to a backend service and securely storing it in that service. … Continue reading Encrypting Sensitive Data for Transit or Rest with PowerShell

Automate a Daily Activity Log Audit Report for an Azure Subscription

Yesterday I published a PowerShell script that retrieves activity log events for an Azure subscription. In this post, I will demonstrate how you could automate a daily email summary report of activities in your subscription using Azure automation. The email report looks something like this, with a summary of operations performed over the last 24 … Continue reading Automate a Daily Activity Log Audit Report for an Azure Subscription

Audit Events in Your Azure Subscription with PowerShell

Update! v.1.1 released fixing a bug where the most recent events were not being returned (2022-09-13) A quick post - I just published a new script for retrieving activity log events for an Azure subscription as the current options for searching and retrieving events didn't satisfy me. Azure Monitor has an activity log at the … Continue reading Audit Events in Your Azure Subscription with PowerShell

DIY Windows Provisioning – a Solution Example

Some time ago I created a custom solution to provision Windows workstations and in this blog I wanted to share how that solution works. This is not a community solution but simply an example of what can be possible with a little creativity and technical know-how! I work for an American company with a global … Continue reading DIY Windows Provisioning – a Solution Example

Get Group Membership for Intune Managed Devices with PowerShell

Just a quick one - Microsoft just added the Device group membership report to Endpoint Manager (service release 2206) which is pretty handy: We can also get group membership with PowerShell. The function below lets you pass either a device name or Azure AD Id and it will return the group and transitive group membership. … Continue reading Get Group Membership for Intune Managed Devices with PowerShell

Enhance Update Compliance Reporting with Azure Automation

In my last blog I provided an Intune Proactive remediations script that can be used to gather additional Windows Update information from your managed Windows devices and send the data to an Azure Log Analytics workspace to enhance your Windows Update reporting together with Microsoft's Update Compliance solution. In this blog, I will provide an … Continue reading Enhance Update Compliance Reporting with Azure Automation

Enhance Update Compliance Reporting with Microsoft Endpoint Manager

If you're using Windows Update for Business in Microsoft Endpoint Manager you're probably also using Microsoft's Update Compliance solution for reporting. Update Compliance contains some useful data and I know the team are working on additional improvements. A while back I created my own "Update Compliance" solution in part because I wasn't happy with the … Continue reading Enhance Update Compliance Reporting with Microsoft Endpoint Manager

Beware of Changing Regional Format after Intune Enrolment

Today I discovered an interesting bug with the Microsoft Intune Management Extension that hopefully you never have to come across. It surfaced on devices that were deployed with Windows Autopilot using a US-English base image, but because they were intended for use in the UK not the US, our deployment process installs the UK language … Continue reading Beware of Changing Regional Format after Intune Enrolment

User-Context Detection Rules for Intune Win32 Apps

Today I had to create a Win32 app in Intune that sets a registry key in the current user context to toggle a setting in the OS. Somehow I thought I'd have it done in a jiffy, but I stumbled on a couple of unexpected issues along the way.... First, as the app simply runs … Continue reading User-Context Detection Rules for Intune Win32 Apps

Why you may want to add a full synchronization schedule on ConfigMgr collections synced with AAD groups

Let me start with a little story behind the reason for this post 🙂 This morning I was happily working away when my VPN connection dropped. I noticed the icon of the VPN software disappear from the notification area and I immediately recognised the behaviour - the VPN client was getting an upgrade. As it … Continue reading Why you may want to add a full synchronization schedule on ConfigMgr collections synced with AAD groups