Although it's possible to migrate a cloud group from on-premises to Entra and sync group members managed in the cloud back to AD, the documentation omits crucial steps. I hope this helps you experiment with this process.
01.08.2025 22:26 β π 1 π 0 π¬ 0 π 0
Firstly, yes, this is reversible.
Secondly, the SID stays the same.
Thirdly, your groups need to be universal in order to sync back from Entra to ADDS. This isn't documented properly.
Fourthly, Cloud Sync is a prerequisite but doesn't explain how to set it up properly.
01.08.2025 22:26 β π 1 π 0 π¬ 1 π 0
Embrace cloud-first posture and convert Group Source of Authority (SOA) to the cloud (Preview) - Microsoft Entra ID
Learn about Source of Authority (SOA), including prerequisites, supported scenarios, and step-by-step guidance for IT Architects and Administrators.
You can now specify whether an #ADDS group is an #EntraID group or on-premises. This is called a 'change of SOA'. However, be aware that, since @ajf8729.com and I have only just tried this out, the documentation is incomplete for now. Let me explain...π§΅
learn.microsoft.com/en-us/entra/...
01.08.2025 22:26 β π 2 π 0 π¬ 1 π 2
toolbox/Intune/Platform Scripts/Reset-WindowsUpdateSettings.ps1 at main Β· MHimken/toolbox
This is my toolbox. Watch where you step. Contribute to MHimken/toolbox development by creating an account on GitHub.
#WindowsUpdate: Thinking of moving to #Intune and/or #Autopatch? Used GPOs or any RMM tool (yes CM too) to adjust the update settings? This cleanup script is for you. I recently received some requests for this again, so I'll share it once more.
github.com/MHimken/tool...
#MVPBuzz
31.07.2025 12:02 β π 1 π 0 π¬ 0 π 0
Windows 11 cloud-native migration with Microsoft Intune - Windows IT Pro Blog
Learn how to migrate domain-joined, co-managed Windows 10 devices to Microsoft Intune managed Windows 11.
'Windows 11 cloud-native migration with Microsoft Intune'.
There's a great article from @onpremcloudguy.com with lots of useful information in the links. Afterwards, you can read my blog to find out about other relevant technologies π
techcommunity.microsoft.com/blog/windows...
29.07.2025 09:49 β π 1 π 0 π¬ 0 π 0
Unattended access with Remote Help is on its way!
Bear in mind that this is the GA date, so there may be a (private) preview available to join. I still highly recommend checking out the MMCCP to participate in early previews. techcommunity.microsoft.com/blog/windows...
#MVPBuzz
29.07.2025 09:12 β π 1 π 0 π¬ 0 π 0
July 22, 2025βKB5062660 (OS Build 26100.4770) Preview - Microsoft Support
β οΈβ οΈThe preview update for #Windows 24H2 allows you to pin apps to the start menu ONCE (aka boolean). No mention of how yet though πFinally, no more playing around with start2.bin
Also: Quick Machine Recovery and many more things - go read now!
support.microsoft.com/en-us/topic/...
#MVPbuzz
23.07.2025 20:45 β π 2 π 1 π¬ 0 π 0
Yes I did. Even after fully removing all Graph modules and only installing the modules required I saw authentication errors. I think I went back as far as 2.20 to make it work. If youβre curious I can look up the module that failed.
22.07.2025 09:33 β π 0 π 0 π¬ 1 π 0
This post does not have enough attention yet. 2.29.1 seems to finally solve the authentication issues that existed in Microsoft.Graph.Authentication for a good while now. Run your Update-Module now!
22.07.2025 08:00 β π 1 π 0 π¬ 1 π 0
Windows Autopilot requirements
Software, Networking, Licensing, and Configuration requirements for Windows Autopilot.
In case you're using a Windows 11 IoT version and it isn't a Microsoft Teams Room device, here's a reminder that (since may actually) Autopilot is _not_ supported.
learn.microsoft.com/en-us/autopi...
I can only assume that's because it - by default - skips the OOBE.
21.07.2025 14:56 β π 1 π 0 π¬ 0 π 0
Windows Hello for Business policy settings
Learn about the policy settings to configure Configure Windows Hello for Business.
TIL: Using #Windows #24H2 with activated VBS (which is enabled by default on Windows 11) #WHfB PIN expiration and history are _not supported_. Time to change change some policies...
learn.microsoft.com/en-us/window...
08.07.2025 08:01 β π 0 π 0 π¬ 0 π 0
Oh wow, I just set up another PoC for GSA and checked the recommended ports for domain controllers. That list was extended by a _lot_. This will be hard to argue with some security folks. Mind you the 4 ports before were enough to get a TGT. learn.microsoft.com/en-us/entra/...
27.06.2025 06:28 β π 1 π 0 π¬ 0 π 0
@jgkps and I will be speaking at not just one, but two sessions at #WPNinjasUK25! I'm looking forward to seeing Scotland and meeting more people to discuss passwordless and cloud-native devices with!
wpninjas.uk
Bring your questions if you've signed up!
31.05.2025 20:02 β π 1 π 0 π¬ 0 π 0
And youβre as correct there as here β€οΈππ»
30.05.2025 18:23 β π 1 π 0 π¬ 0 π 0
Almost all customers requested this when we did the PoC. βWe canβt protect the client otherwise!β. Right, but you should worry about the identity first and you donβt even enforce MFA let alone phishing resistant authβ¦
30.05.2025 09:40 β π 1 π 0 π¬ 1 π 0
Announcing Windows Backup for Organizations - Windows IT Pro Blog
Apply for the limited public preview of Windows Backup for Organizations.
#Windows #Backup for organizations is finally showing up on public radar!
This will allow you to save and restore ... things from W10 to W11 or W11 to W11 (think wipe).
Accessing the MMCCP also just became easier - I recommend joining π
techcommunity.microsoft.com/blog/Windows...
27.05.2025 21:58 β π 0 π 0 π¬ 0 π 0
Finally getting a chance to use my mug from @intune.best from @mmsmoa.bsky.social.
Sure makes my morning coffee thst much better π Thank you, Martin!
27.05.2025 16:09 β π 3 π 1 π¬ 0 π 0
Dealing With CVE-2023-24932, aka Remediating BlackLotus
CVE-2023-24932. 2023 feels like so long ago, and yet, this is still an issue. Why? Because itβs quite frankly a mess to deal with and has multiple moving parts. I highly recommend reading thoβ¦
My take on remediating #BlackLotus via #Intune Remediations & #ConfigMgr CIs. It sure was fun to code up and test as much as I was able to. Please let me know if you have any feedback or run into any issues if you try the scripts out!
ajf.one/blacklotus
19.05.2025 13:54 β π 4 π 2 π¬ 1 π 0
Moving Teams Android Devices to AOSP Device Management | Microsoft Community Hub
Take action now if you Administer Android Based Teams Devices in your Organization
Reminder that starting TOMORROW (15th of May) your current Microsoft Teams Android devices will start moving to Intune Android Open Source Project device management. Here's a list of dates and devices that will be impacted.
techcommunity.microsoft.com/blog/microso...
14.05.2025 13:10 β π 0 π 1 π¬ 0 π 0
OneDrive und persΓΆnliche Microsoft Accounts β mAnimA.de
OneDrive darf im GeschΓ€ftsumfeld standardmΓ€Γig persΓΆnliche Accounts verwenden. Jetzt werden Benutzer auch dazu aufgefordert. Ein Risiko?
Ausnahmsweise gibt es heute einen Beitrag auf Deutsch: OneDrive und MSA (also persΓΆnliche Accounts) sind momentan hier und auf anderen Plattformen in aller Munde. Zu Unrecht. Viele machen aus zwei bereits lange bekannten Einstellungen einen Elefanten.
manima.de/2025/05/oned...
11.05.2025 21:05 β π 0 π 0 π¬ 0 π 0
#MMS MOA HAS STARTED! Looking forward to meeting a lot of people! Here is a couple of em:
@jgkps.bsky.social @conditionalaccess.uk @skotheimsvik.no
05.05.2025 00:32 β π 11 π 1 π¬ 0 π 0
Time to leave for #MMS into Iceland to pick up the great @jgkps.bsky.social! If youβre there Iβll see you soon! For everyone else: Iβll be out of commission for a week π
03.05.2025 11:22 β π 4 π 0 π¬ 0 π 0
Upcoming network requirement changes - yes, including Intune β mAnimA.de
Intune network requirements are changing, if you're controlling outgoing traffic flow, you might want to read this!
#Intune #Azure #DevOps
In case you hadn't noticed: There are still ongoing changes to all azureedge.net endpoints. If you filter outgoing traffic, please make sure you adjust your network accordingly.
manima.de/2025/04/upco...
30.04.2025 20:23 β π 2 π 1 π¬ 0 π 0
#CIS Benchmark v4 for #Intune and #Windows11 has been published as of two days ago! I recommend you check out the changes as soon as you get access to it. This has been in the work for months! #cybersecurity
28.04.2025 13:08 β π 1 π 3 π¬ 0 π 0
And thatβs a wrap! #MEMsummit 2025 was great! Thanks for everyone attending my sessions, I hope they brought value to your life π
Letβs hope weβll meet again next year. Wish me luck on getting home because my train has been cancelled.
#DeutscheBahn didnβt deliver!
25.04.2025 15:07 β π 6 π 0 π¬ 0 π 0
Modern Workplace Geek and dual Microsoft MVP: Security and Windows! #Security #MSIntune #Microsoft365 #TeamAPENTO
Freelance Consultant - Dual Microsoft MVP (Microsoft Intune & Windows 365) | Microsoft Certified Trainer | Technology Architect
Senior Consultant at @onevinn working with Enterprise Mobility, Intune, Windows 11, Windows 365, EUC. Microsoft MVP - Security and MCT
Family Super Dad π¦ΈββοΈ | Audi Enthusiast π | βοΈ Consultant | Microsoft MVP in Windows & Devices | Windows Cloud Champion | Speaker π€ | Talks About #MSIntune | #Security π | #Windows365 and moreβ¦
π¨βπ» Blogs on http://osdsune.com & http://blog.mindcore.dk
I live for Identity and Enterprise Mobility in the Microsoft Cloud π
π Microsoft MVP
π€ Entrepreneur (inciro.com)
Bit of a geek, enjoys working with Intune and PowerShell. Many years experience across industries. Microsoft MVP
Senior Product Manager @Microsoft Security
{"Title":"Microsoft MVP","Talks About":"Intune, Autopilot, MMP-C ","Function":"Master Chief Content creator PMPC","Blog":"https://Call4cloud.nl"}
Founder of MSEndpointMgr.com
Microsoft MVP (2016 - Present)
Blog - https://msendpointmgr.com
X / Twitter - https://x.com/NickolajA
Reddit - https://www.reddit.com/r/MSIntune
Microsoft Security MVP, Intune & Identity and Access | Modern Workplace Consultant | Workplace Ninja User Group Netherlands | Secure At Work
Intune, ConfigMgr and a twist of PowerShell
#BlackBeltProblemSolverπ₯
@PatchMyPC π
Serious proclivity for π§
Microsoft MVP Security (Intune) & Windows and devices -
Senior Modern workplace Consultant at Wortell
-
Blogger @ http://inthecloud247.com
#MVPBuzz #MsIntune
https://linktr.ee/peterklapwijk
Microsoft MVP: Intune and Windows
#ConfigMgr | #MSIntune | #Windows10 | #Windows11 | #Azure | https://www.youtube.com/channel/UC3Kii1MYmVNmla5VgWIGqwA | blog.mindcore.dk | msendpointmgr.com
Microsoft Intune geek. Check out the blog sites for more information , tips & tricks on Microsoft Intune.
https://intunestuff.com | https://intunemacadmins.com | www.linkedin.com/in/joery
Systems Management, M365, and some things in between. ViaMonstra Academy Office Hours Live! Wed @ 4:30PM CST https://www.youtube.com/@ViaMonstraOnlineAcademy
![Michael Mardahl [MVP] βοΈ](https://cdn.bsky.app/img/avatar/plain/did:plc:4mf73mf65lhu63deqiuyhxfw/bafkreicset65sl2c3jttzl4mowdxajytnmdfzp7ytuluw5rbftsekkfrka@jpeg)
