Posts

Showing posts from April, 2023

Windows LAPS, secure your local admin accounts using Microsoft Intune

Image
LAPS lets you manage local account passwords on Windows devices. The solution allows you to control and securely recover the built-in local administrator password. Limited until now to On-premise integration, this solution represented an obstacle to the migration of certain customers to full cloud management of their IT equipment. With the availability of the cloud version of LAPS, customers can now manage securing their Azure AD devices' on-premises Admin accounts and Azure AD Hybrid Join devices from the Microsoft Intune or Microsoft Entra console. 1. Prerequisites for Windows LAPS Microsoft Intune and Azure subscription Windows 10/11 licences , Pro, Enterprise or Education edition Hybrid Azure AD or Azure AD joined devices. An administration account with the necessary rights to perform the different steps. 2. Service activation We have two possibilities, go through the Azure console or Microsoft Entra. In my case, I opt for activation via Microsoft Entra. Go to Microsoft Ent

Rename devices with PowerShell and Microsoft Intune

Image
Renaming a device manually is quick and easy when we only have one device to fix. But when it comes to doing a large number of devices, then it is better to automate this action. Today, there is the method via CSP but which can have a rather random behavior, in particular on the reporting, console side. I therefore share with you a PowerShell script which, deployed with Microsoft Intune, will allow you to quickly rename your machines. Script overview This script detects the type of device used:  If it's a virtual machine , it takes the defined prefix  (CCMT in my example)  and adds a numeric complement generated with Get-Random command For physical machines , it retrieves the serial number and adds the prefix  (CCMT in my example) The user is informed that his device has received changes and that it will restart automatically in a few minutes. The script is available on Github :  Link Script integration & deployment Prerequisites The prerequisites are: Convert script to .intune