New Intune Lab
I've been procrastinating creating my own Intune lab for a few reasons but I figured it was about time to write up a few of the things that I'm doing to get myself up and running-ish, plus a great opportunity to highlight a sliver of the wonderful work other community members have provided.
Intune Tenant
▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀
For my initial setup I had a few snags that definitely caused me to overcomplicate everything and I just wasn't happy with how everything looked. I decided to start fresh and snag myself the Microsoft 365 Business Premium license. I really wanted to start using Defender in my lab.
Settings
Initial configurations ✩°。🎧 ✩°。⋆⸜
▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄
IntuneManagement
First step, I downloaded the IntuneManagement tool. The more that I use the IntuneMangement tool, the more that I fall in love with it. It’s hard to pick a favorite functionality, but the documentation and comparison feature are definitely up there for me.
OpenIntuneBaselines
From there I went to Jame's OpenIntuneBaselines and imported them into Intune using the IntuneManagement tool. I think that this took me a wopping 5 minutes, max. I have so many wonderful things to say about these baselines, but I’ll have to save that for another post.
Baselines - more than meets the eye
I would say that it’s pretty obvious that these baselines are timesaving and provide tremendous standardization, but there’s another element that they provide that really excites me.
I’d venture to guess that I’m not alone in that it seems as though there’s an endless pile of work and optimization that I see in my environment. Pairing IntuneManagement and OpenIntuneBaselines together is not only an opportunity for me to save time, but what about junior admins, or even service desk folks that really want to learn?
Now we’re got timesaving on expert mode!
An opportunity to learn JSON
Deepen experience with Graph Explorer
Continue to build automation
Documentation - this is huge for me. Being able to save time but also increase visibility and the habit (and culture) of documentation. Sign me up!
The markdown file > Confluence upload = chefs kiss, imo.
Applications ✩ ♬₊.⋆☾⋆⁺₊✧✩♬
▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄
If you already have applications (or rather installers) easily get your packages rolling with the IntuneWin32App module. After you’ve gotten yourself setup, highly recommend getting your feet wet using Azure DevOps Pipelines and Intune App Factory.
Recommend checking out this update: Fix - Could not fetch access token for Azure
Devices ‧₊˚🖇️✩ ₊˚🎧⊹ ♡
▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄
I wanted to get rolling right away with playing around with some of the Autopilot v2 features that I just haven't had a chance to use. Rather than building several VMs to enroll in Autopilot, I used Ben Reader's Intune.HV.Tools.
Fun item of note - Ben made is super easy, each device's serial number is auto added to the notes section of the VM in Hyper-V.
Closing Thoughts
Since Midwest Management Summit in May, I’ve been pondering the theme that consistently came up in conversation, and during QA portions of various sessions, of change and the people side of our day jobs.
While this post was focused on getting your lab up and running, I think it’s quite imperative to focus on solutions that can help bring others onboard with modernization. Modeling collaboration to those around you and giving them that head start in helping build a more secure, and scalable, management methodology is really going to be what will start moving the needle in getting any environment into a better state.
