What's new in Microsoft Intune (2403+2404)
HTML-код
- Опубликовано: 7 авг 2024
- MSEndpointMgr team is ready with yet another season of What's new in Microsoft Intune.
We go through all of the new implemented features for Windows in the last months and at the same time, demo and talk through how they could be utilized in your environment.
2403
(01:30) New Microsoft Cloud PKI service
(07:20) New elevation type for Endpoint Privilege Management
(10:20) HTML formatting supported in noncompliance email notifications
(14:55) New enrollment configuration for Windows Hello for Business
(18:45) Role-based access control changes to enrollment settings for Windows Hello for Business
(20:30) Windows quality updates will support expediting non-security updates
(24:50) Improvements for Intune deployments of Microsoft Defender for Endpoint
(31:10) Updated security baseline for Windows version 23H2
(34:35) Introducing a remote action to pause the config refresh enforcement interval
(37:40) Updates to assignment filters
(39:40) New archive file scan settings added to Antivirus policy for Windows devices
2404
(42:10) New BIOS device configuration profile for OEMs
(46:45) GCC customers can use Remote Help for Windows and Android devices
(47:15) Copilot in Intune is available in the Intune admin center (public preview)
(52:50) Intune support of M365 remote application diagnostics
(57:15) Windows update distribution report
(60:20) Windows Firewall CSP changes for processing Firewall Rules
(64:05) Auto update available with Win32 app supersedence
#MSIntune #ConfigMgr #Reports #Windows10 #Windows11 #Winget #Debug #WhatsNewInMicrosoftIntune #MDE #Security
Hi, great video. Is it possible that you could make a special video with only "Auto update available with Win32 app supersedence". I think as an Intune admin this new feature is great, and I would like to know 100% how to use it. How do I set up the install command lines correctly for the superseeding app, see some examples etc.
Hi Morten
Thanks for your comment. I will ask the team if they have time to do a deeper dive into this area.
But in general, supersedence is very hard to make a 100% solution do to limitation of 10 apps and not able to cleanup if older apps is in that chain, which makes a mess in the Intune console.
49:21 copilot for security is really expensive thus much and fast feedback from use cases will not really flushing in I believe. But I do want to see it grow to easy the troubleshooting for IT support guys, so they can discover the issue faster and less press on second or thirdline teams
Agree to that. Let’s see where it is headed in the future.
Great video, thanks. Wording at 19:43 can be a bit confusing. Pretty sure the setting is applied during enrolment only and doesn't apply to already enrolled devices.
Correct the tenant wide is only for enrollment scenario, so it wouldn't apply a policy as such on your devices if they already is enrolled.
The tenant wide settings is placed under enrollment which gives a hint, but I can see that I should have been more clear on when it applies. Thanks for your comment! 😀
Hi there, I cant seem to get my head around support approved, am i right in syaing you dont need to create a rule as it should just allow a user to ask for approval on any app ? my user can just simply double click the exe and it runs, is this normal ?
Thanks for the question. Support approved first needs to be send as a enrollment policy to the client. Then your user will be able to ask for approval on any given EXE file without having a rule. If you user is able to just elevate, that might be related to your enrollment policy where you opened up to much. I usually block if there is no existing rule.
@@MSEndpointMgr turns out they were local admin on the device when i joined it to intune, it was a demo tenant so some funky stuff with adele vance :D