myself), are managing those iOS devices as private BYOD devices enrolled through the Company Portal. As of such, keeping the devices up to date is the end-user's responsibility and something that's often forgotten and neglected. So what if we could send those devices and users a kind reminder automatically, both as a custom notification directly on the device, but also as an e-mail? Microsoft Intune Powershell SDK to the rescue!

that's considered the crown jewels. This is due to Active Directory still being the bread and butter for most organizations in regard to authentication and authorization. When it comes to security, automation is your best friend and keeping a close eye on privileged group membership should be on top of your list. This post will walk you through, how you can make sure no unwelcome objects make their way into privileged groups in on-premises AD, by leveraging Microsoft Sentinel and its option to run playbooks automated. This breaks down to Microsoft Sentinel generating an alert, which triggers the associated Playbook, which triggers a Logic app, which triggers a Runbook in an Automation Account, which ultimately runs a PowerShell script on an on-premises server.

what's changed and started browsing and comparing the various settings via the admin portal. Then I realized how that's not very optimal, and began looking for alternatives. I eventually got myself into trying something new, and went on to compare the Security Baselines Profiles using Powershell and the Microsoft Graph. The result of that journey is this post.

already. At time of writing, the new security baseline for Windows 11 23H2 in Intune configure this as well, restricting local logons to the built-in groups: Users and Administrators. This solution does something else. This solution grabs the currently logged on user and configures the 'Allow logon locally' policy to ONLY allow this very user as well as Administrators to be able to log on locally.

Windows 11.

heard about the recommendation to disable the legacy protocol NetBIOS in Windows. If this is news to you, there's some interesting reading for you in this article: Adversary-in-the-Middle: LLMNR/NBT-NS Poisoning and SMB Relay, Sub-technique T1557.001 - Enterprise | MITRE ATT&CK NOTE: Before disabling anything, make sure you do your due diligence and monitor your environment for NetBIOS traffic, so you don't accidently break stuff!

a jiffy using PowerShell and Configuration Manager I received a few questions whether the PowerShell script can be used with Microsoft Intune instead of Microsoft Configuration Manager. And sure! This post will explain one of many approaches available with Intune.