https://paulycloud.com/categories/intune-tips/Recent content in Intune Tips on PaulyCloudHugo -- gohugo.ioen© 2026 Simon Pauly Kofoed MoseMon, 18 May 2026 00:00:00 +0000https://paulycloud.com/posts/confirm-escrow-of-filevault-recovery-keys/Mon, 18 May 2026 00:00:00 +0000https://paulycloud.com/posts/confirm-escrow-of-filevault-recovery-keys/<p>A couple of weeks ago I wrote about <a href="https://paulycloud.com/posts/confirm-escrow-of-bitlocker-recovery-keys/" >confirming the escrow of BitLocker recovery keys</a> in Microsoft Entra — driven by the urgency of the Secure Boot certificate changes. On the macOS side, there is no equivalent certificate crisis forcing our hand right now, but that does not make FileVault key escrow any less important.</p> <p>macOS continues to grow as a platform in the enterprise. More and more organizations are offering Macs as a choice — or even a default — for their workforce, and with Apple Silicon delivering strong performance across developer, creative, and general productivity workloads, that trend is only accelerating. As your Mac fleet grows, so does the importance of managing it with the same rigour you apply to Windows.</p>https://paulycloud.com/posts/intune-tip-reset-windows-hello-container/Mon, 04 May 2026 00:00:00 +0000https://paulycloud.com/posts/intune-tip-reset-windows-hello-container/<p>Sometimes users need to have their Windows Hello for Business container reset. This can happen for a myriad of reasons:</p> <ul> <li>Biometrics stopped working</li> <li>&ldquo;Something went wrong&rdquo; errors during sign-in that won&rsquo;t resolve</li> <li>Trust relationship between the credential and Microsoft Entra ID broke</li> <li>User suspects their PIN was observed or compromised</li> <li>Device was lost briefly and recovered — user wants to re-key</li> </ul> <p>For this support request, you can easily push a small script using Intune&rsquo;s on-demand remediation feature (preview). All it does is use <code>certutil</code> to delete the Windows Hello container and return the exit code.</p>https://paulycloud.com/posts/confirm-escrow-of-bitlocker-recovery-keys/Mon, 27 Apr 2026 00:00:00 +0000https://paulycloud.com/posts/confirm-escrow-of-bitlocker-recovery-keys/<p>With the change of the Secure Boot certificates coming in fast and furious as summer approaches, it is paramount to ensure that your estate is ready to deploy the changes swiftly and securely.</p> <p>The change and deployment has been documented thoroughly by several great community articles and contributions in recent months, along with the expansion of Microsoft&rsquo;s own documentation on the subject.</p> <p>I will not delve further into that here other than to provide links for further reading, but if you&rsquo;re looking at a deployment guide, I would highly suggest taking a look at Mindcore&rsquo;s blog linked below:</p>