Event banner
Event details
38 Comments
- thanks guys- more of the admin tasks/day to day type stuff
- For Tenant Configuration Automation: We have multiple companies in one tenant, and they have their own IT teams w/ different skill levels. So RBAC is critical for us w/ distinct roles, PIM for roles, dynamic group, Administrative Units. So, if we M&A a new company these configurations need to be added for the new company. We are currently looking in Azure DevOps to have a pipeline running such added configurations.
Thanks for participating in today's Feedback wanted! IT made easy with low-code workflows! For reference, the panel covered this topic at around 19:40.
- I would like something simple to create policies offline from Intune to be able to upload them to an environment. For example if the tenant is not available yet just to be able to allready create stuf when the tenant and licenses are available.
Thanks for participating in today's Feedback wanted! IT made easy with low-code workflows! For reference, the panel covered this topic at around 15:00.
- During Autopilot most customers create a PowerShell script to modify the device (remove unnecessary apps, modify Windows builtin apps, make registry changes etc) and deploy it as a Win32 app. It would be great to have task sequence like engine to Intune to divide a complex task to multiple simple steps with built-in logging, reporting, error control. Long PowerShell scripts tend to be difficult to maintain/understand when the person who made has left the company.
Thanks for participating in today's Feedback wanted! IT made easy with low-code workflows! For reference, the panel covered this topic at around 22:05.
We have been trying to implement automations to try and fill missing gaps of Entra ID/Intune. Some examples: Automation to evaluate and fix/set primary user in Intune, creating custom Entra groups based on device information, potentially creating a custom log analytics database with custom endpoint information which can be used with further automations etc.
One of the biggest challenges has been getting all this approved by our security and governance teams. We can securely send scripts to endpoints using proactive remediations, but there was a challenge of sending data to an API all while having that API secured. We don't want those APIs wide open where anyone from any device can send data to it.
- Dave Randall
Microsoft
Your best bet for Intune APIs is to use delegated auth for all your API calls. That gives you fine grained permissions from Intune RBAC roles to ensure that the script/caller doesn't have excessive permissions. App-only auth provides broader permissions than delegated auth via Intune RBAC roles.
- Looking for recommendation on automation regarding two items..... 1) Currently I run a script daily to ensure that an AAD group is populated with devices based on a particular property, one that is not available as an option in Azure Dynamic group properties. 2) We run a "Deprovisioning" task sequence in ConfigMan when we recycle devices. This TS does a bunch of things for us such as clearing the bios password, applying a generic image, removing the device from AD and CM. I looking to add a SECURE method to remove the device from Azure, Intune, and Autopilot.
Thanks for participating in today's Feedback wanted! IT made easy with low-code workflows! For reference, the panel covered this topic at around 11:05.
- We come from a Config Mgr background with Co-Management enabled. Looking more Intune native now, so just beginning our automation journey. Looking for low hanging fruit to get started
Thanks for participating in today's Feedback wanted! IT made easy with low-code workflows! For reference, the panel covered this topic at around 09:50.
- Heather_Poulsen
Community Manager
We know there are elements of Intune that you'd like to automate. What tasks are you looking to simplify or plug and play into other tools?
As an MSP we need a simple way to check if our customers have our standards in place or what the delta is between the customer config and the latest defaults we define. Now we try to use M365 DSC but that is a pretty hefty toolset to wrap your head around.
Thanks for participating in today's Feedback wanted! IT made easy with low-code workflows! For reference, the panel covered this topic at around 05:00.
Welcome to Feedback wanted! IT made easy with low-code workflows and the second annual Microsoft Technical Takeoff for Windows + Intune! Have a question? Post here in the Comments so we can help. Let’s make this an active Q&A!
