Andrew Johnson
@andrewj.net
Systems Management, M365, and some things in between. ViaMonstra Academy Office Hours Live! Wed @ 4:30PM CST https://www.youtube.com/@ViaMonstraOnlineAcademy
Reposted by Andrew Johnson
Reposted by Andrew Johnson
🚨 New Blog Post! 🚨
Legacy registry settings silently blocked Windows Autopatch onboarding.
I break down:
- Root cause analysis
- Intune remediation scripting
- Ghost hunting with Security Copilot
- Lessons for IT pros
skotheimsvik.no/the-silent-w...
#Intune #WindowsAutopatch #SecurityCopilot
Legacy registry settings silently blocked Windows Autopatch onboarding.
I break down:
- Root cause analysis
- Intune remediation scripting
- Ghost hunting with Security Copilot
- Lessons for IT pros
skotheimsvik.no/the-silent-w...
#Intune #WindowsAutopatch #SecurityCopilot
Simon does The Silent Windows Autopatch Killer
Silent Windows Autopatch killer strikes again. Join me for a drive through modern Intune tools and Copilot to fix the legacy settings that kep coming back.
skotheimsvik.no
August 14, 2025 at 10:06 PM
🚨 New Blog Post! 🚨
Legacy registry settings silently blocked Windows Autopatch onboarding.
I break down:
- Root cause analysis
- Intune remediation scripting
- Ghost hunting with Security Copilot
- Lessons for IT pros
skotheimsvik.no/the-silent-w...
#Intune #WindowsAutopatch #SecurityCopilot
Legacy registry settings silently blocked Windows Autopatch onboarding.
I break down:
- Root cause analysis
- Intune remediation scripting
- Ghost hunting with Security Copilot
- Lessons for IT pros
skotheimsvik.no/the-silent-w...
#Intune #WindowsAutopatch #SecurityCopilot
Reposted by Andrew Johnson
Digging through #MSGraph docs to find an #Intune endpoint can be a pain…
I’m working on something bigger, but sharing these 3 #PowerShell functions to make life easier:
1️⃣ Uses Microsoft.Graph.Authentication
2️⃣ See success % + device counts for policy
github.com/AllwaysHyPe/...
I’m working on something bigger, but sharing these 3 #PowerShell functions to make life easier:
1️⃣ Uses Microsoft.Graph.Authentication
2️⃣ See success % + device counts for policy
github.com/AllwaysHyPe/...
Public/Intune at main · AllwaysHyPe/Public
Repo of PowerShell for general device management in Intune, some Azure, Entra ID, and other random tasks - AllwaysHyPe/Public
github.com
August 15, 2025 at 12:27 AM
Digging through #MSGraph docs to find an #Intune endpoint can be a pain…
I’m working on something bigger, but sharing these 3 #PowerShell functions to make life easier:
1️⃣ Uses Microsoft.Graph.Authentication
2️⃣ See success % + device counts for policy
github.com/AllwaysHyPe/...
I’m working on something bigger, but sharing these 3 #PowerShell functions to make life easier:
1️⃣ Uses Microsoft.Graph.Authentication
2️⃣ See success % + device counts for policy
github.com/AllwaysHyPe/...
Reposted by Andrew Johnson
We are now past the 60 day mark for MMS Music City Edition. Registrations are filling up and time is ticking fast!🎵🎷🎸🎶
Register Today: mmsmoa.com/mms2025music
October 12-15, 2025
#MMSMusicCity #MSIntune #ConfigMgr #Windows #ITpros #MMSMOA
Register Today: mmsmoa.com/mms2025music
October 12-15, 2025
#MMSMusicCity #MSIntune #ConfigMgr #Windows #ITpros #MMSMOA
August 14, 2025 at 8:16 PM
We are now past the 60 day mark for MMS Music City Edition. Registrations are filling up and time is ticking fast!🎵🎷🎸🎶
Register Today: mmsmoa.com/mms2025music
October 12-15, 2025
#MMSMusicCity #MSIntune #ConfigMgr #Windows #ITpros #MMSMOA
Register Today: mmsmoa.com/mms2025music
October 12-15, 2025
#MMSMusicCity #MSIntune #ConfigMgr #Windows #ITpros #MMSMOA
Wait…DevOps can apply to Sys Admin work? Let’s see what @allwayshype.com and @mattzaske.com have to say….
May 8, 2025 at 6:09 PM
Wait…DevOps can apply to Sys Admin work? Let’s see what @allwayshype.com and @mattzaske.com have to say….
Reposted by Andrew Johnson
If you are still using client secrets for applications, there is a shiny new doc you should read through and test out ❤️🔥
The TL;DR - use Managed Identities or Federated Credentials whenever possible. If you can't, use certificates, limit secret use.
learn.microsoft.com/...
The TL;DR - use Managed Identities or Federated Credentials whenever possible. If you can't, use certificates, limit secret use.
learn.microsoft.com/...
Migrate applications away from secret-based authentication - Microsoft Entra ID
Migrate applications away from secret-based authentication to improve security and user experience.
learn.microsoft.com
May 6, 2025 at 5:55 PM
If you are still using client secrets for applications, there is a shiny new doc you should read through and test out ❤️🔥
The TL;DR - use Managed Identities or Federated Credentials whenever possible. If you can't, use certificates, limit secret use.
learn.microsoft.com/...
The TL;DR - use Managed Identities or Federated Credentials whenever possible. If you can't, use certificates, limit secret use.
learn.microsoft.com/...
Reposted by Andrew Johnson
I had to be in appropriate costume for the happy hour session part one of Home Assistant yesterday. We must have been directly under one of the room lights when @andrewj.net took the picture because I look like a cardboard cutout! 🤪 #mmsmoa
May 7, 2025 at 1:24 PM
I had to be in appropriate costume for the happy hour session part one of Home Assistant yesterday. We must have been directly under one of the room lights when @andrewj.net took the picture because I look like a cardboard cutout! 🤪 #mmsmoa
Reposted by Andrew Johnson
Doing something a little unorthodox this morning. The great @jarwidmark.bsky.social joins us remotely with the equally legendary @andrewj.net! #MMSMOA
May 6, 2025 at 1:03 PM
Doing something a little unorthodox this morning. The great @jarwidmark.bsky.social joins us remotely with the equally legendary @andrewj.net! #MMSMOA
Reposted by Andrew Johnson
Gonna talk about more Graph coolness with @andrewj.net and @jankeskanke.com ... two of the best looking 1 p.m. speakers today! #mmsmoa
May 6, 2025 at 6:03 PM
Gonna talk about more Graph coolness with @andrewj.net and @jankeskanke.com ... two of the best looking 1 p.m. speakers today! #mmsmoa
Reposted by Andrew Johnson
May 6, 2025 at 6:10 PM
Reposted by Andrew Johnson
I might have had a spit take with my margarita from the jokes and memes of @andrewj.net and @z-nerd.com just now! 🤪 Talking lab setups at happy hour with @mmsmoa.bsky.social
May 5, 2025 at 10:36 PM
I might have had a spit take with my margarita from the jokes and memes of @andrewj.net and @z-nerd.com just now! 🤪 Talking lab setups at happy hour with @mmsmoa.bsky.social
Reposted by Andrew Johnson
#Intune #Azure #DevOps
In case you hadn't noticed: There are still ongoing changes to all azureedge.net endpoints. If you filter outgoing traffic, please make sure you adjust your network accordingly.
manima.de/2025/04/upco...
In case you hadn't noticed: There are still ongoing changes to all azureedge.net endpoints. If you filter outgoing traffic, please make sure you adjust your network accordingly.
manima.de/2025/04/upco...
Upcoming network requirement changes - yes, including Intune – mAnimA.de
Intune network requirements are changing, if you're controlling outgoing traffic flow, you might want to read this!
manima.de
April 30, 2025 at 8:23 PM
#Intune #Azure #DevOps
In case you hadn't noticed: There are still ongoing changes to all azureedge.net endpoints. If you filter outgoing traffic, please make sure you adjust your network accordingly.
manima.de/2025/04/upco...
In case you hadn't noticed: There are still ongoing changes to all azureedge.net endpoints. If you filter outgoing traffic, please make sure you adjust your network accordingly.
manima.de/2025/04/upco...
Reposted by Andrew Johnson
The "Windows Server Hyper-V architecture, features, GPUs, and more!" Windows Server Summit Presentation from @wsvguy.bsky.social has some nice slides
VMWP, WMMS, WMI
VSC, VSP, VMBus
VID, WinHV
PF, VF, SR-IOV
Now you can sound like a Hyper-V nerd too! 😎
techcommunity.microsoft.com/event/window...
VMWP, WMMS, WMI
VSC, VSP, VMBus
VID, WinHV
PF, VF, SR-IOV
Now you can sound like a Hyper-V nerd too! 😎
techcommunity.microsoft.com/event/window...
April 30, 2025 at 3:31 PM
The "Windows Server Hyper-V architecture, features, GPUs, and more!" Windows Server Summit Presentation from @wsvguy.bsky.social has some nice slides
VMWP, WMMS, WMI
VSC, VSP, VMBus
VID, WinHV
PF, VF, SR-IOV
Now you can sound like a Hyper-V nerd too! 😎
techcommunity.microsoft.com/event/window...
VMWP, WMMS, WMI
VSC, VSP, VMBus
VID, WinHV
PF, VF, SR-IOV
Now you can sound like a Hyper-V nerd too! 😎
techcommunity.microsoft.com/event/window...
Reposted by Andrew Johnson
Folks, I created these mindmaps to highlight the AMAZING ID Governance deployment guide that was just published by Microsoft.
You are going to want to bookmark this.
🧵👇
You are going to want to bookmark this.
🧵👇
March 28, 2025 at 4:50 AM
Folks, I created these mindmaps to highlight the AMAZING ID Governance deployment guide that was just published by Microsoft.
You are going to want to bookmark this.
🧵👇
You are going to want to bookmark this.
🧵👇
Reposted by Andrew Johnson
Man @andrewj.net is killing it with demos and info at @tcsmug.bsky.social today! Boatloads of practical bits and pointers in managing access! 🍻
March 18, 2025 at 7:01 PM
Man @andrewj.net is killing it with demos and info at @tcsmug.bsky.social today! Boatloads of practical bits and pointers in managing access! 🍻
Reposted by Andrew Johnson
Updated Driver Automation Tool v8 MSI posted. #HP support added. #Lenovo to follow in the next few days then #Microsoft before adding in Intune functionality. github.com/maurice-daly... #ConfigMgr #Drivers
March 14, 2025 at 5:38 PM
Updated Driver Automation Tool v8 MSI posted. #HP support added. #Lenovo to follow in the next few days then #Microsoft before adding in Intune functionality. github.com/maurice-daly... #ConfigMgr #Drivers
Reposted by Andrew Johnson
Optimizing Microsoft Teams Privacy Settings for End Users With Microsoft Intune
Privacy is becoming increasingly important for companies and end users. Your end users might see more popups on their devices. However, as an IT administrator, you have the choice to configure those settings for your…
Privacy is becoming increasingly important for companies and end users. Your end users might see more popups on their devices. However, as an IT administrator, you have the choice to configure those settings for your…
Optimizing Microsoft Teams Privacy Settings for End Users With Microsoft Intune
Privacy is becoming increasingly important for companies and end users. Your end users might see more popups on their devices. However, as an IT administrator, you have the choice to configure those settings for your end users. Index Issue Solution Getting Microsoft Teams app info Creating the policy End user experience after the privacy policy applies Conclusion Issue: Some users experience Microsoft Teams keeps asking for permissions to access microphone and camera with a message like this. What can we as IT administrators do to help our end user with the best possible end user experience??
osddeployment.dk
March 16, 2025 at 5:33 PM
Optimizing Microsoft Teams Privacy Settings for End Users With Microsoft Intune
Privacy is becoming increasingly important for companies and end users. Your end users might see more popups on their devices. However, as an IT administrator, you have the choice to configure those settings for your…
Privacy is becoming increasingly important for companies and end users. Your end users might see more popups on their devices. However, as an IT administrator, you have the choice to configure those settings for your…
Reposted by Andrew Johnson
PowerShell 1 liner to find OUs that match a given pattern - AD PS module not required
(New-Object System.DirectoryServices.DirectorySearcher "(&(objectClass=organizationalUnit)(ou=*Citrix*))").FindAll()
(New-Object System.DirectoryServices.DirectorySearcher "(&(objectClass=organizationalUnit)(ou=*Citrix*))").FindAll()
March 16, 2025 at 5:25 PM
PowerShell 1 liner to find OUs that match a given pattern - AD PS module not required
(New-Object System.DirectoryServices.DirectorySearcher "(&(objectClass=organizationalUnit)(ou=*Citrix*))").FindAll()
(New-Object System.DirectoryServices.DirectorySearcher "(&(objectClass=organizationalUnit)(ou=*Citrix*))").FindAll()
Reposted by Andrew Johnson
New script just dropped! Ever get stuck on update policies when moving from #ConfigMgr or GPO to #Autopatch? Reset-WindowsUpdateSettings is for you!
It creates a backup of relevant keys from your registry, then deletes and resyncs them where applicable. github.com/MHimken/tool...
It creates a backup of relevant keys from your registry, then deletes and resyncs them where applicable. github.com/MHimken/tool...
toolbox/Intune/Platform Scripts/Reset-WindowsUpdateSettings.ps1 at main · MHimken/toolbox
This is my toolbox. Watch where you step. Contribute to MHimken/toolbox development by creating an account on GitHub.
github.com
March 16, 2025 at 10:17 PM
New script just dropped! Ever get stuck on update policies when moving from #ConfigMgr or GPO to #Autopatch? Reset-WindowsUpdateSettings is for you!
It creates a backup of relevant keys from your registry, then deletes and resyncs them where applicable. github.com/MHimken/tool...
It creates a backup of relevant keys from your registry, then deletes and resyncs them where applicable. github.com/MHimken/tool...
Reposted by Andrew Johnson
Windows Policy Management is Evolving.
Intune’s relied on scheduled sync, devices checked in, applied policies, and reported back.
With Declared Configuration, Windows devices don’t just receive policies.
We tell how Declared Configuration works an is a game changer
#Intune #MSIntune
Intune’s relied on scheduled sync, devices checked in, applied policies, and reported back.
With Declared Configuration, Windows devices don’t just receive policies.
We tell how Declared Configuration works an is a game changer
#Intune #MSIntune
From OMA-DM to Declared Configuration: The Next Step in Windows Policy Enforcement - Just about the Modern Workplace
But Windows policy enforcement is evolving. With the introduction of Microsoft Management Platform - Cloud (MMP-C) and Declared Configuration, the way devices
joostgelijsteen.com
February 28, 2025 at 7:00 PM
Reposted by Andrew Johnson
I just published a deep dive on OAuth flows, from coding it yourself vs. using the Graph SDK. Do you know why PKCE is crucial? 🔐
#Intune admins, sometimes understanding stuff means playing with code you don't have to right?
msendpointmgr.com/2025/02/23/u...
#EntraID #MicrosoftGraph
#Intune admins, sometimes understanding stuff means playing with code you don't have to right?
msendpointmgr.com/2025/02/23/u...
#EntraID #MicrosoftGraph
Understanding OAuth: Coding the authentication flow yourself vs using an SDK - MSEndpointMgr
Dive into Microsoft Graph authentication with PowerShell. In this blog we explore OAuth flows, PKCE security, and token handling. Learn how to build a secure auth flow from scratch and why the SDK mig...
msendpointmgr.com
February 23, 2025 at 2:54 PM
I just published a deep dive on OAuth flows, from coding it yourself vs. using the Graph SDK. Do you know why PKCE is crucial? 🔐
#Intune admins, sometimes understanding stuff means playing with code you don't have to right?
msendpointmgr.com/2025/02/23/u...
#EntraID #MicrosoftGraph
#Intune admins, sometimes understanding stuff means playing with code you don't have to right?
msendpointmgr.com/2025/02/23/u...
#EntraID #MicrosoftGraph
Reposted by Andrew Johnson
I may regret doing this because I've already been pinged by recruiters within 5 minutes of posting on LinkedIn that I am open to (some) new work but I needed to get the word out - if you need PowerShell code reviews, optimisation, automation or EUC troubleshooting, health checks, etc please ping me.
February 24, 2025 at 2:23 PM
I may regret doing this because I've already been pinged by recruiters within 5 minutes of posting on LinkedIn that I am open to (some) new work but I needed to get the word out - if you need PowerShell code reviews, optimisation, automation or EUC troubleshooting, health checks, etc please ping me.
Reposted by Andrew Johnson
🆕 Drivers inventory dashboard updated with:
✅ Optional drivers updates available for a device
✅ Devices count by optional update & model
✅ Possibility to filter on device class
#MEMPowered #MSIntune @harjit.bsky.social
✅ Optional drivers updates available for a device
✅ Devices count by optional update & model
✅ Possibility to filter on device class
#MEMPowered #MSIntune @harjit.bsky.social
February 24, 2025 at 10:17 AM
🆕 Drivers inventory dashboard updated with:
✅ Optional drivers updates available for a device
✅ Devices count by optional update & model
✅ Possibility to filter on device class
#MEMPowered #MSIntune @harjit.bsky.social
✅ Optional drivers updates available for a device
✅ Devices count by optional update & model
✅ Possibility to filter on device class
#MEMPowered #MSIntune @harjit.bsky.social
Reposted by Andrew Johnson
Driver Automation Tool 8 BETA has a home now - github.com/maurice-daly.... The initial MSI has been uploaded, and updates will continue to be posted over the coming days / weeks. Note the limitations, I am adding functionality in sprints rather than a big release. #ConfigMgr
February 18, 2025 at 11:46 AM
Driver Automation Tool 8 BETA has a home now - github.com/maurice-daly.... The initial MSI has been uploaded, and updates will continue to be posted over the coming days / weeks. Note the limitations, I am adding functionality in sprints rather than a big release. #ConfigMgr
Reposted by Andrew Johnson
I published the first of several scripts for what I'm calling Operational Groups (stolen from System Center Dudes Operational Collections) :)
Goal is to maintain groups based on auth methods registered, MFA/passwordless, risk states, device details, etc
github.com/nathanmcn...
Goal is to maintain groups based on auth methods registered, MFA/passwordless, risk states, device details, etc
github.com/nathanmcn...
February 19, 2025 at 9:23 PM
I published the first of several scripts for what I'm calling Operational Groups (stolen from System Center Dudes Operational Collections) :)
Goal is to maintain groups based on auth methods registered, MFA/passwordless, risk states, device details, etc
github.com/nathanmcn...
Goal is to maintain groups based on auth methods registered, MFA/passwordless, risk states, device details, etc
github.com/nathanmcn...