🚀 New in Windows Autopilot (June 26, 2025):
You can now deliver Enterprise App Catalog (EAM) apps during device preparation!
With Intune 2506, ensure critical apps are installed before users reach the desktop.
RT by @SwiftOnSecurity: Ever wondered what “Security policies (1 of 1 applied)” really means during Windows Autopilot?
What if there was a way to track more than just the default Entdmid policy?
What if we could track LAPS or AppLocker policies and see them reflected in ESP?
We dug deep into how that tracking actually works….using custom CSPs, timing tricks, and even some localmdm system magic.
And yes!!! If a tracked policy doesn’t apply, ESP will freeze on security policies and will error out!
Curious how far we got?
https://patchmypc.com/autopilot-identifying-security-policies-esp
#WindowsAutopilot #Intune #MSIntune #Windows #Windows11 #patchmypc #Microsoft #Security #policies
P.S: Don’t try to do this in your production environment… some people also don’t like encoded commands..
🐦🔗: https://nitter.oksocial.net/Mister_MDM/status/1924788739911406056#m
[2025/05/20 11:26]
RT by @SwiftOnSecurity: Remember the CrowdStrike incident that left many of your devices trapped in a BSOD loop? Turns out that Microsoft has been quietly working on something that could help you recover the next time it happens. (Because, yes, there will be a next time.)
This new feature is called Quick Machine Recovery.
It is built into WinRE. It kicks in automatically when things go wrong and should restore your machines without needing bootable USBs or manual recovery.
I took it apart. StartRep.exe, the Recovery settings, the Plugins, and the Test mode. Here’s what’s under the hood.
https://patchmypc.com/quick-machine-recovery-cloud-based-remediation
#Intune #MSIntune #Windows #Windows11 #Microsoft #WindowsAutopilot #PatchMyPC
🐦🔗: https://nitter.oksocial.net/Mister_MDM/status/1907338202861498471#m
[2025/04/02 07:43]
After 7 long months, we finally got #WindowsAutopilot to work on-prem, behind all our security & firewall stuff. We needed to do this because we have hundreds of machines in inventory to deploy before we can start shipping new laptops directly to the staff from our vendor.
Now, they want me to demo a wiped laptop, installing the OS, doing the Autopilot prep, and running thru a full autopilot deployment via Teams to our 20+ workforce technicians across the country (with no funds for any additional equipment). Had to put on my thinking cap for this one...
So I borrowed a company iPhone, setup my test account on it, rigged up this stand, and had the iPhone join a Teams meeting flipped to the back camera pointed at the laptop. It totally freaking worked!
I recently jumped on a project to help my teammates implement Microsoft #WindowsAutopilot and #Windows11 in a hybrid Azure AD joined environment for a fall 2023 rollout. I haven't been in the EUC space for a long time.
What a freakin mess #Microsoft made. Seems they've been ignoring any advancement in the group policy space since they bought DesktopStandard, and #Intune Management looks to only be half done.
This definitely keeps me employed, but man...
Joakim Åberg
Sascha Stumpler
SwiftOnSecurity
Michael Borland