Ben Whitmore

11.6K posts

Ben Whitmore

@byteben

Secret Agent 🍸 @PatchMyPC | Microsoft MVP | MCT | Speaker | Certified Enterprise Administrator Expert @MSEndpointMgr #SavedByGrace #EatsCheeseMostly

The Cheese Counter Katılım Eylül 2012

750 Takip Edilen6.2K Takipçiler

Sabitlenmiş Tweet

Ben Whitmore@byteben·15 Ağu

New Blog Post: "SSO to domain resources from Azure AD Joined Devices – The MEGA Series" - Part 1 is published😍#MEMPowered #MSIntune #AzureAD #SSO #AOVPN #RRAS #NPS #NDES #SCEP msendpointmgr.com/2021/08/15/sso…

English

111

365

Ben Whitmore@byteben·5d

@EskimoRuler @Mister_MDM @PatchMyPC 😂

QME

Michael Escamilla@EskimoRuler·5d

@Mister_MDM @PatchMyPC @byteben

GIF

QME

Rudy Ooms@Mister_MDM·6d

Under the Hood of the Intune Certificate The Intune certificate matters more than most people think. That Certificate keeps the policy sync alive and is also needed for IME communication, which means apps and scripts depend on it as well. But when the certificate or its chain breaks, things can get funny. The device can still show a recent last check-in, while it is no longer able to receive the latest policies, apps, or scripts. In this webinar, we will explain what the Intune MDM device certificate does, what changed with the Intune Intermediate certificate renewal, why some devices may have missed it, and how to find devices that still appear healthy but may not be. But hey, it is all fine because the last check-in still moved… right? Register here: patchmypc.com/events/intune-… #Intune #MSIntune

English

Ben Whitmore retweetledi

Rudy Ooms@Mister_MDM·17 May

The IntuneWin downloader got another upgrade.... and it's even bigger than the previous one!! It now uses the WinUI3 Frontend, and you can select multiple apps at once. The best thing? It does NOT require an App Registration... just open the tool on any Entra/Intune-enrolled device, and you can download and extract all the apps available to you. #Intune #MSIntune github.com/call4cloud-cod…

Rudy Ooms@Mister_MDM

The IntuneWin Downloader got a small upgrade The first version depended on the local TokenBroker cache. Find the .tbres, decrypt it, pull out the token, and hope the right one was there. That worked, but it always felt a bit too fragile. So during #MMSMOA I changed that whole approach. The new tool now requests the needed tokens through WAM, uses the Company Portal catalog flow to discover the available apps, and then uses the IME SideCar flow with the local MDM device certificate to resolve, download, and process (decrypt) the content. Tomorrow morning I will post the blog with the Download link and the "how to" ...as requesting IME and CP tokens on my own with an app Reg is funny :) #Intune #MSIntune #PatchMyPc

English

183

22.2K

Ben Whitmore@byteben·11 May

@grbaypacker @mike_marable

GIF

QME

Nathan Nally@grbaypacker·11 May

@byteben @mike_marable This is great but can you create a dynamic group in entra based on this data (like we did with collections in SCCM)?

English

Ben Whitmore@byteben·9 May

Introducing Intune’s New App Inventory Feature. Pull up a chair, pour yourself something stronger than a martini, and let me show you what I found when I went poking around. msendpointmgr.com/2026/05/09/int… #MSIntune

English

3.8K

Ben Whitmore retweetledi

MSEndpointMgr@MSEndpointMgr·10 May

Blog post: The Company Portal app – A deep dive into bridges msendpointmgr.com/2025/02/09/com…

English

2.9K

Ben Whitmore retweetledi

ariaupdated@ariaupdated·24 Nis

#FunFact Today is THE DAY! Our new pause experience and some other pretty cool update improvements are now beginning to roll out, many with feature flags now available to be turned on for WIP Experimental (dev)!! 🥳🪇🥂🎈 #WindowsUpdates blogs.windows.com/windows-inside…

English

166

43.8K

Ben Whitmore retweetledi

Maurice Daly [MVP]@modaly_it·10 Nis

I'll be reaching out to some test users now, #DriverAutomationTool10 is just about cooked and ready for release. Just need feedback from some others first. #MSIntune #ConfigMgr

English

3.3K

Ben Whitmore retweetledi

Mattias Melkersen {MVP}@MMelkersen·7 Nis

If you’re treating the Secure Boot CA 2011 → CA 2023 transition as a “Microsoft will fix it for me” problem, be careful. My path to a fully patched environment blog.mindcore.dk/2026/04/secure… #Windows #MSIntune #PowerShell #SecureBoot

English

101

7.4K

Ben Whitmore@byteben·4 Nis

@acjuelich @xenappblog There was a bug that was fixed last week and has reoccurred for some tenants this week where MAA was suddenly in scope for application flows (automation) instead of just delegated flows . Is this what you saw?

English

219

Adam Juelich@acjuelich·3 Nis

One of my customers was having issues with #MSIntune Multi-Admin Approval and created a Support Case. This was their findings: "The engineer said there was a bug that several tenants have reported with the same issues. Microsoft has been working on it the last couple weeks and have a fix but not sure if it is stable. We worked with them again and tested and things seems to be working. She said that people in the Approvers group needed an Intune license to approve the commands." Has anyone run into the same thing?

English

Ben Whitmore retweetledi

Patch My PC@PatchMyPC·31 Mar

Our MVPs are at it again 🔥 @Mister_MDM and @byteben are running a masterclass on #Intune essentials. If #MSIntune is part of your world, this one's worth your time ➡️ bit.ly/3PFFPdk What’s still harder than it should be in Intune? We'd love to hear your thoughts. #MVPBuzz #ViaMonstraAcademy #ViaMonstraMasterclasses

English

1.1K

Ben Whitmore retweetledi

Maurice Daly [MVP]@modaly_it·30 Mar

So good it's skipping a few versions. Driver Automation Tool v10.0.0 is coming hard and fast. #MSIntune package testing underway, and hoping to have this #CheckedInByFriday #ConfigMgr #SCCM

English

123

6.6K

Ben Whitmore retweetledi

Maurice Daly [MVP]@modaly_it·27 Mar

A week of geeking at the #MVPSummit, results in Intune Guardian. Extended audit reporting is the first step, its free to use, and doesn't store your data. Check it out here - intuneguardian.com #MVPBuzz #MSIntune @SSkotheimsvik @NickolajA @sandy_tsang @JankeSkanke

English

5.2K

Ben Whitmore retweetledi

Bryan Dam@bdam555·16 Mar

#ConfigMgr/#SCCM peeps: new update for 2503/2509 that removes all attempts to set Scan Source settings. Unless you actively want some updates (ex. FUs) from ConfigMgr and others (ex. CUs) from Intune, then you never needed Scan Source in the first place. learn.microsoft.com/en-us/intune/c…

English

10.6K

Ben Whitmore@byteben·6 Mar

New blog post on the Security Copilot agents embedded in the Intune admin center experience. Worth the hype? We take a look and kick the tyres on them 💡 #SecurityCopilot #MSIntune #Agents msendpointmgr.com/2026/03/03/sec…

English

955

Ben Whitmore@byteben·22 Şub

Intro video if your curious what it looks like youtu.be/CrBY9pKy7Bo?si…

YouTube

English

550

Ben Whitmore@byteben·22 Şub

📣 New Tool: Microsoft 365 Apps Deployment Helper Automates Intune packaging from Office XML → ready-to-deploy packages (.intunewin, detection, install/uninstall, offline support). Predictable, repeatable, automated deployments. 🔗 github.com/byteben/M365-D… #MSIntune #M365

English

Ben Whitmore retweetledi

Mattias Melkersen {MVP}@MMelkersen·19 Şub

New blog post: Secure Boot. Less theory, more real-world rollout. Focused on minimizing noise, support tickets, and disruption. More to come with real world examples blog.mindcore.dk/2026/02/window… #Windows #SecureBoot #MSIntune

English

3.1K

Ben Whitmore@byteben·11 Şub

@NathanMcNulty @m0bilej0n @DylanOwendylan We need a big button with an animated headshot of Negan from TWD saying “lock this shit down”

English

Nathan McNulty@NathanMcNulty·11 Şub

@m0bilej0n @DylanOwendylan @byteben The biggest issue to me is the always growing list of crap we have to manage and maintain... There's no attempt to simply or make this easier either :( Thousands of policy options just on Windows, hundreds of browser policy options, hundreds of Office policies, bleh :-/

English

Ben Whitmore retweetledi

Nathan McNulty@NathanMcNulty·10 Şub

If you aren't enforcing a browser extension allowlist, the time to change that was yesterday :( It's not that creating malicious extensions was hard before, the volume was lower @byteben has an excellent guide to inventory and lock down extensions here: msendpointmgr.com/2025/10/04/tam…

David Ch@chhddavid

BREAKING: @claudeai just got a massive upgrade today and I'm so happy to be a part it. From now on, Claude Opus 4.6 can build Chrome Extensions for every Chromium-based browser. We just launched Shipper, a tool that lets Claude: ✅ Build complete Chrome Extensions ✅ Recreate existing Extensions ✅ Ensure multi-browser comatibility ✅ Write privacy policies ✅ Autofill entire Chrome Web Store listings Claude Opus 4.6 can do all the above in 1 simple prompt for as low as $0.11/extension... And it takes minutes, not hours! Open up Shipper and ask Claude to "create a free ad block extension" or "auto-invite 950 people weekly on linkedin". Since this is a very special launch, if you comment "shipper" you will get FREE credits :)

English

162

21.4K

Ben Whitmore@byteben·10 Şub

@NathanMcNulty Good message reinforcement Nathan, thanks! Trust by popularity is the trap here - “It’s offered through my browser, it must be safe right?”

English

349

Keşfet

@EskimoRuler @Mister_MDM @PatchMyPC @grbaypacker @mike_marable @acjuelich @xenappblog @SSkotheimsvik