Tag
#intune
7 posts tagged #intune.
-
Field Note · Jul 7, 2026 · Colten Anderson
Two profiles, one setting: how to catch the MDM overlap that makes enforcement random
When two configuration profiles set the same value on one device, macOS and Intune stop enforcing it deterministically. Here are the detection commands and reports that find the overlap before it burns you.
-
Field Note · Jul 6, 2026 · Colten Anderson
Audit your GPO sprawl before you commit to an Intune migration date
The blocker on a GPO-to-Intune migration isn't the cloud mechanics. It's the hundreds of undocumented policies you've been running on autopilot. Here's how to size the real work before you pick a date.
-
Field Note · Jul 5, 2026 · Colten Anderson
The Intune device that passes Conditional Access without ever being checked
Intune's default scores an unpoliced device as compliant, and Conditional Access opens the gate for it. Here's how to audit the gap and flip the switch without locking anyone out.
-
Field Note · Jun 30, 2026 · Colten Anderson
The Security Update Broke Production: A Rollback Runbook
A step-by-step runbook for when a security patch takes down production: pause the rollout, scope the damage, decide roll-back vs fix-forward, and keep the rolled-back host from becoming a silent unpatched asset.
-
Field Note · May 29, 2026 · Colten Anderson
Enforcing and proving BitLocker TPM+PIN across an Intune fleet
Requiring a startup PIN is one toggle. Landing it on already-encrypted devices and proving it took across the whole fleet is the actual work. Here's the enforce-and-verify runbook.
-
Field Note · May 15, 2026 · Colten Anderson
Patching Windows when your test ring is two laptops
Microsoft's deployment-ring guidance was written for orgs where 5% of the fleet is dozens of machines. Here's what the model actually buys you when 5% is two laptops, and what to substitute for the rest.
-
Field Note · May 15, 2026 · Colten Anderson
Recovering from a bad Intune deployment without making it worse
Stop the spread, unwind the damage, verify it took. A failure-mode-to-action playbook for when a config profile, app push, or CA policy goes sideways.