Microsoft Technical Takeoff: Windows + Intune
Welcome to the third installment of the Microsoft Technical Takeoff for Windows and Microsoft Intune! This free, virtual skilling event offers prescriptive, technical deep dives and panel-based discussions to help you feel prepared and confident in deploying and managing devices, apps, and experiences from client to cloud! Experts from the Windows, Windows 365, Intune, Azure Virtual Desktop, and security teams answer your questions live during the sessions and throughout the week. This event is all about getting you the information and skills you need to be successful! Monday, March 3, 2025 - now on demand! Let's talk Windows and Intune: 2025 edition Enhance and supercharge IT management with Copilot in Intune The hottest way to update Windows 11 and Windows Server 2025 The path ahead: The roadmap for Windows in the cloud Achieving update harmony through unified update management Intune 'fast lane' - Let's talk about all things latency Untangling this thing called AI in a Windows ecosystem Understanding security and management on Windows 365 Link Unlocking productivity on the frontline with Windows 365 From admin to standard user with Endpoint Privilege Management Tuesday, March 4, 2025 - now on demand! Managing macOS updates in Intune Windows Autopatch: Your playbook for advanced update management Unified security: Intune + Microsoft Defender for Endpoint AMA: Microsoft Application Management for Windows Effective prompt engineering for IT pros Utilize, configure, and manage Cloud PKI like a pro Skill up! Cloud PC management and reporting Get to know Windows security and resiliency in the cloud Windows 11 kiosks: Cloud management for the win Wednesday, March 5, 2025 - now on demand! Enabling accessible Windows 11 experiences: an IT pro's guide Never trust, always verify: Tips for Zero Trust with Intune Data protection with hardware-based security and Windows 11 Best practices for Windows Autopilot and device preparation Intune data platform and Advanced Analytics Enhancing resiliency with Windows 365 How to protect your administrator users on the device Delivering like-local Windows experiences from the cloud Deploying Microsoft Connected Cache for Enterprise at scale Secure corporate data and privacy with Win32 app isolation Thursday, March 6, 2025 - now on demand! Azure Virtual Desktop app management Azure Virtual Desktop hostpool management at scale Device management for the frontline: Intune to the rescue The latest and greatest in the world of Windows LAPS AMA: Cloud native with Microsoft Intune Secure helpdesk support using Intune Remote Help Enterprise Application Management with Microsoft Graph Windows cloud migration and deployment best practices Windows 10 EOS: Myths, misconceptions, and FAQs The full agenda Here is a day-by-day look at the 2025 session grid, which was available for download.
Android 15 - CredentialProviderPolicy not surfaced by Intune
I have been having an issue with Android 15 devices. We use Authenticator as our password autofill provider. As soon as a device is updated from Android 14 to Android 15, the password autofill provider is no longer set and the setting to change it is 'blocked by work policy.' I have already tried removing all policies that apply to the devices (device config and device compliance policies) and factory resetting them. Simply having them enrolled as corporate owned fully managed devices causes this to happen. I raised the issue in the Android Enterprise community blog. A link to that is included below. Someone on that thread found that there is a policy in Android 14/15 called the credentialproviderpolicy. When that policy is blocked or unconfigured, this behavior happens. I cannot find anywhere in Intune where I can set this policy. It seems that it is allowed by default when managing Android 14 with Intune, but not set or blocked when the device switches to Android 15. Is there any way to specifically set a policy that is not reflected in the Intune UI? This is a blocker for being able to move more phones to Android 15. Link to Android Enterprise thread: https://www.androidenterprise.community/t5/admin-discussions/android-15-cannot-set-default-password-app/m-p/8827#M2105 Thanks, TomWrap up: Manage, Configure, and Secure Devices with Microsoft Endpoint Manager Post Day
Thanks to the thousands of people who attended our Post Day! A few housekeeping things ------------------------------------------------- You've asked about the recordings for the event. You should be able to still access the recordings for now by using the AKA links below. It will start Teams Live Events and you can just click Play to watch the whole thing. (and if that doesn't work, let me know!) We're working on the "greatest hits" complication, and we'll post that to the VideoHub when we get that. I'm working on cleaning up the decks for posting - there's some accessibility stuff I need to do - and then I'll attach them to this thread when I have them. We were thrilled with all the great feedback we got about the 24-hour, round-the-world marathon training we offered - and we'd still love more feedback! We've already announced there will be another Microsoft Ignite in March 2021 - should we do this again? If so, what topics should we cover? What should we change (besides the registration process)? Reply here! --------------------------------------------------- The product team for Microsoft Endpoint Manager usually does a pre-day event at Ignite but this year we're doing a post-day event the week after. We'll have two 4-hour Teams Live Events about how to get the most out of Microsoft Endpoint Manager. It's free! When you go to register, you'll see three options for each track to accommodate time zones around the world. Most of the dates are September 29, but depending on your time zone a session may show up on Sept 28 or Sept 30, so check all three dates to be sure. You don't need to take them in order and you can take anything that fits your schedule, even if you need to jump around the options. You'll get a calendar invite for a 4-hour block but here's how the blocks break down. (and I know some of you are getting an error message, so I'm including the direct links to the Teams Live Events down below - as long as you have that link it will connect you to the meeting, but until we start the session it will just sit there and say the meeting hasn't started yet.) Track 1: Manage, Configure, and Secure Windows Devices with Microsoft Endpoint Manage Hour 1 - Get Your Windows Devices to Microsoft Endpoint Manager Hour 2 - Configure your Windows Devices Hour 3 - Secure your Windows Devices Hour 4 - Improve the End-User Experience on Your Windows Devices Track 2: Manage, Configure, and Secure Mobile Devices with Microsoft Endpoint Manage Hour 1 - Get Your Mobile Devices to Microsoft Endpoint Manager Hour 2 - Secure Your Mobile Devices with Microsoft Endpoint Manager Hour 3 - Manage You MacOS with Microsoft Endpoint Manager Hour 4 - Manage Shared Devices for Firstline Workers Here's how it maps out, based on what we figure are the best times for each part of the world Asia/Pacific/Japan and Europe/Middle East/Africa Windows Option 1: https://aka.ms/MEMPDC/WINREG01 Mobility Option 1: https://aka.ms/MEMPDC/MOBREG01 Europe/Middle East/Africa and Americas (Windows) Windows Option 2: https://aka.ms/MEMPDC/WINREG02 Mobility Option 2: https://aka.ms/MEMPDC/MOBREG02 Europe/Middle East/Africa and Americas (Mobility) Windows Option 3: https://aka.ms/MEMPDC/WINREG03 Mobility Option 3: https://aka.ms/MEMPDC/MOBREG03 Register now! (or grab the AKA links above and make your own calendar invite to remind you it's time)
Request: Manage Apple Vision Pro with Intune MDM
Hi, At our company, some teams are working with Apple Vision Pro because they are hoping to find new technical solutions for the business. We would also like to include Apple Vision Pro in the management of our other mobile devices via Intune MDM. Since Apple has also offered an MDM interface for Apple Vision Pro with the visionOS 1.1 update, the glasses could in principle also be managed by an MDM, but the MDM must also support the glasses. Hence my question: When will this be possible via Intune MDM? As a company, we recently switched to Intune MDM with over 110,000 devices (both mobile devices and fat clients) and we are confident that Microsoft will also support new technical products (such as the Apple Vision Pro).Microsoft Technical Takeoff 2026: Windows + Intune
Deep dives. AMAs. Windows, Intune, Windows 365, and Azure Virtual Desktop. Tune in for virtual technical skilling that takes you deep inside the latest features, capabilities, and scenarios for commercial organizations and the IT professionals that support them. Microsoft Technical Takeoff 2026 for Windows + Intune is a great opportunity to skill up and learn from engineering and product teams behind the features. Day 1 - now on demand! Let's talk Windows and Intune: 2026 edition The latest in Windows 11 security Uplevel business continuity with Windows 365 Reserve Hotpatch updates demystified: answers to real-world questions Zero Trust in action: securing endpoints with Intune AMA: Windows Autopilot The AI‑powered admin: emerging trends in endpoint management Eliminating NTLM in Windows One platform, many industries: smart Android management with Intune Resiliency with Windows 365 and Azure Virtual Desktop Day 2 - now on demand! The latest in security for Windows 365 and Azure Virtual Desktop Secure Boot certificate updates explained Feedback wanted: App management in the enterprise Ready day one: how to get Windows users up and running fast Making the most of your Intune data Windows 365 reporting and monitoring updates Least privilege on Windows with Endpoint Privilege Management Windows 365 Frontline expands with Cloud Apps and more From panic to productive: point-in-time restore in Windows The Intune playbook for iOS management at scale Day 3 - now on demand! Why smarter Windows management starts with Intune Reporting at scale with Windows Autopatch update readiness User experience updates: Windows 365 Boot and more AI roundup: Intune agents for outcome-oriented innovation AMA: Getting the most from Security Copilot in Intune Manage Apple devices at scale: Intune security best practices Click less, manage more: simplify app deployment with Intune App Control for Business: same roots, new playbook Intune timing demystified: what really happens behind the scenes Migrating from VDI to Windows 365 Day 4 - now on demand! AMA: The latest in Windows hardware security Zero Trust DNS: Securing Windows one connection at a time AMA: Secure and manage AI and agentic capabilities in Windows Deploy and manage Windows 365 with Microsoft Intune Unpacking Endpoint Management: Live from Tech Takeoff 2026 Azure Virtual Desktop for hybrid environments Protect users, stop attacks: Passkeys on Windows AMA: AI and agentic features for Windows 365 Transitioning to post-quantum cryptography Resilience for the modern era: Windows quick machine recovery Please share your thoughts so we can keep bringing you these types of events!Announcing Windows 10 in Cloud Configuration
Today we released a recommended set of settings for Windows 10 devices that makes devices easy to deploy, highly secure, and cloud-first. Windows 10 in cloud configuration enables organizations to provide frontline workers, remote workers, and other individuals with a select set of applications, cloud-based data storage, and a familiar Windows experience. Want to learn more? Check out the official announcement in the Windows IT Pro Blog.How to create a backup of your Microsoft Endpoint Manager (Intune) infrastructure!
Dear Microsoft Intune Friends, Imagine the following situation. You have invested several hours to build your Microsoft Endpoint Manager (Intune) infrastructure. After the final tests, everything is now working exactly as you imagined. Now the question arises how can I backup all these settings and configurations? I will answer this question in this article. Note: I will describe how to compare and restore the backup in a next article. https://techcommunity.microsoft.com/t5/microsoft-intune/compare-and-restore-a-microsoft-endpoint-manager-intune-backup/m-p/2993736 What we can do in the Microsoft Endpoint Manager portal is export configuration settings to a CSV file. However, this is not exactly what I wanted. To create a complete backup of our tenant we need the power of PowerShell (power of PowerShell - funny ) I used the PowerShell ISE for this configuration. But you are also very welcome to use Visual Studio Code, just as you wish. Please start with the following steps to begin the deployment (the Hashtags are comments): #The first two lines have nothing to do with the configuration, but make some space below in the blue part of the ISE Set-Location Clear-Host #Customize the ExecutionPolicy (absolutely OK for this demo) Set-ExecutionPolicy -ExecutionPolicy Unrestricted #Install the Module Install-Module -Name Microsoft.Graph.Intune -Verbose -Force -AllowClobber #Install the Module Install-Module -Name MSGraphFunctions -Verbose -Force -AllowClobber #Import the Module Import-Module -Name MSGraphFunctions #Install the Module Install-Module -Name AzureAD -Verbose -Force -AllowClobber #Install IntuneBackupAndRestore from the PowerShell Gallery Install-Module -Name IntuneBackupAndRestore -Verbose -Force -AllowClobber #Update the Module Update-Module -Name IntuneBackupAndRestore -Verbose #Import the Module Import-Module IntuneBackupAndRestore #Connect to Microsoft Graph Connect-MSGraph Here you must agree to the extended permissions. #Create a folder New-Item -ItemType Directory -Path C:\Backup\IntuneBackup #Switch to the folder Set-Location C:\Backup\IntuneBackup #Create the Full-Backup Start-IntuneBackup -Path 'C:\Backup\IntuneBackup' It starts with the creation of the backup. #Let's look at the content Get-ChildItem -Path 'C:\Backup\IntuneBackup' Let's start Windows Explorer and navigate to our backup folder, Bingo....we have a complete backup! I know that was nothing spectacular, but I still wanted to share my experience with you. Thank you for taking the time to read this article. Kind regards, Tom Wechsler P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechslerMicrosoft #IntuneForMSPs resource guide
Welcome to your home for all things #IntuneForMSPs! Our goal is to help you grow your Microsoft Managed Service Provider (MSP) business by combining productivity apps, intelligent cloud services, and the world-class security of Microsoft 365 with the multi-tenant management capabilities of our partners. Navigate to: Guidance and tutorials | Marketing and business development | Multi-tenant management partners | Application packaging partners | Additional resources #IntuneForMSPs community meetups Gain valuable insights from first-hand experiences with configuring and managing customer tenants. Up next: Hands on with device configuration and policy May 19, 2026 - 8:00 a.m. PT | 3:00 p.m. UTC #IntuneForMSPs Community Meetup: June edition June 16, 2026 - 8:00 a.m. PT | 3:00 p.m. UTC On demand: From box to business‑ready with Windows Autopilot Advanced automation and PowerShell for Intune Planning your customers' Intune migration Getting started with Microsoft #IntuneForMSPs Guidance and tutorials We hear from many MSPs that time for learning is limited. To help you ramp up quickly, we’ve pulled together ready-to-use decks, videos, and interactive demos you can follow step-by-step for the most common scenarios. A great place to begin is the checklist available by downloading Enhancing Security with Microsoft 365 Business: A Hands-on, Effective Guide. Microsoft 365 Business Premium deployment best practices Download PowerPoint decks that build on the videos listed below. They go deeper with additional guidance, context, and tips you can apply in customer environments. Identity and access controls (14.81 MB) Device enrollment (15.92 MB) Email and app protection (38.84 MB) Device security (17.89 MB) Data security (36.49 MB) Videos and demos ▶️ Achieve greater security and productivity with Microsoft Intune and Microsoft 365 - Follow along with each step of the checklist with complementary videos. Watch on one screen and follow along in your own tenant on the other. We’ll keep expanding this playlist with new content that goes beyond the checklist, so follow along on our social channels for the latest updates. 🖱️ Microsoft Intune guided demos - Learn how to configure app protection policies and Conditional Access, update Windows from the cloud, manage corporate devices, deploy and manage line of business (LOB) apps, enable Universal Print, protect corporate resources on personal-owned devices, utilize Windows Autopilot for new device delivery, and reduce update bandwidth consumption. Marketing and business development Step 1: Join Microsoft Partner programs AI Business Solutions for Partners Microsoft Security Partners Step 2: Join the Partner Skilling Hub Go to the Microsoft Partner Skilling Hub and create your free account. Select solution areas of interest. (Hint: Intune content: AI Business Solutions, Security) Explore these recommended modules: Implement with impact: Endpoint management with Microsoft Intune Implement with impact: Implement identity and access management with Microsoft Entra Step 3: Download turnkey campaign assets "Protect my devices" campaign-in-a-box (119.20 MB) Multi-tenant management partners Microsoft Intune is proud to collaborate with leading global providers of multi-tenant Intune management solutions. These companies are building innovative capabilities on top of Microsoft Intune, Microsoft Security solutions, and the broader Microsoft 365 platform. Their companion solutions empower you to: Centrally view and manage all customer tenants and action items through a unified partner dashboard. Take action across environments, leveraging Intune for device management, cloud security, and compliance. Standardize security settings, automate onboarding, and ensure policy consistency at scale-no more repetitive, manual tasks or risky policy drift. Want an introduction to multi-tenant management? ▶️ Watch this video from Jonathan Edwards. AvePoint is the global leader in data protection, unifying data security, governance, and resilience to provide a trusted foundation for AI. More than 28,000 customers rely on the AvePoint Confidence Platform to secure, govern, and rapidly recover data across multi‑cloud environments. Through AvePoint Confidence Platform: Elements Edition, AvePoint extends Microsoft Intune with secured multi‑tenant automation, lifecycle management, and centralized visibility—enabling partners to scale Intune delivery profitably and consistently across customers. With a single platform for governance, lifecycle control, and recovery, partners reduce operational overhead, prevent sprawl, and accelerate Copilot readiness. AvePoint supports a global partner ecosystem of 6,000 MSPs, VARs, and SIs, with solutions available in over 100 cloud marketplaces. CyberDrain CIPP provides MSPs with a centralized, multi-tenant management platform for Microsoft 365. It enables partners to securely manage tenants at scale, automate common administrative tasks, enforce standards across environments, and gain deep visibility into tenant security and configuration. With built-in automation, governance controls, and extensibility, CIPP reduces reliance on custom scripts and manual processes. MSPs can standardize operations, streamline user and tenant management, monitor security posture, and respond quickly to issues across all customers from a single interface. CIPP is supported by one of the largest and most active MSP communities in the Microsoft ecosystem, with thousands of partners contributing feedback, automation ideas, and best practices. As one of the most widely adopted platforms for Microsoft 365 multi-tenant management, CyberDrain CIPP continues to evolve rapidly to meet the needs of modern MSPs. inforcer empowers MSPs to standardize Microsoft 365 and Intune policies across all tenants, automate environment configuration, monitor compliance in real time, and reduce risk through policy drift detection. Its reporting and automation features free teams from manual, error-prone scripting and help deliver consistent, secure customer experiences, setting MSPs up to deliver advanced AI services to their customers. Nerdio brings deep automation and analytics to Intune, Windows 365, Azure Virtual Desktop, and the broader Microsoft cloud. MSPs benefit from multi-tenant dashboards, global policy insights, role-based access, centralized app deployment, and automatic policy versioning with rollback and drift correction. Nerdio’s tooling is designed specifically for MSPs and scales from small teams to large enterprise portfolios. SoftwareCentral Tenant Manager helps MSPs run Microsoft Intune across multiple customer tenants with consistency and control. MSP teams can standardize policies, manage applications and devices across environments, monitor configuration drift, and maintain visibility into changes across tenants from a single platform. The platform runs entirely on Microsoft Azure with region-selectable deployment for your data protection requirements. It includes CIS certified security baselines, helping MSPs deliver secure, repeatable Intune services as their customer portfolios grow, even without in-depth Intune knowledge. Application packaging partners Migrating applications from Configuration Manager and other on-prem solutions to Microsoft Intune cloud native remains a challenging and time consuming undertaking, especially when dealing with complex line-of-business, legacy, and custom home-grown applications. Some organizations pursuing a full cloud-native management vision are encountering blockers related to application compatibility, re-packaging, and the scale of existing app estates - all while trying to maintain business continuity, device compliance, and preparing for the AI and Copilot era. To address the complex realities of app migration, the Microsoft partner ecosystem has stepped up with specialized offers designed to reduce risk and accelerate cloud adoption. As part of this initiative our Microsoft partners Rimo3 and Robopack are offering no-cost, time-limited app migration service to all Intune customers who are looking to move from Configuration Manager to Intune. These services can help IT teams automate assessment, package conversion, and remediation for various app types, helping organizations realize the full value of Intune faster and with less disruption Note: These app migration services are offered directly by partners and are subject to their terms. Microsoft makes no guarantees or commitments regarding availability or outcome. Rimo3 helps IT professionals modernize, migrate, and manage applications at enterprise scale. The platform eliminates manual effort by automating packaging, validation, and patch testing. With patented IP, Rimo3 ensures every app is compatible, secure, and visible for dependencies and update readiness before deployment. Automated, unattended workflows reduce migration timelines from months to days, while contextual patch validation minimizes production risk. Rimo3 keeps environments evergreen with zero-touch app management and enhances Microsoft Intune with bulk operations, advanced controls, and unified reporting. Robopack is a cloud-native Intune app lifecycle platform that lets you package, deploy, and keep third-party apps updated, across one or many tenants, with phased control and PowerShell App Deployment Toolkit (PSADT)-based customization. Start with a self-service migration readiness report, mapped to the library of 41,000 pre-packaged, fully documented apps ready to go, or upload your own apps to be analysed and converted. Robopack Radar discovers apps installed across your estate, allowing you to quickly migrate to Intune and uncover Shadow IT. Additional resources Microsoft 365 Blog: small and medium business content Microsoft 365 Partner on LinkedIn Microsoft Intune Blog: MVP community content
