Another week, another excellent wave of content from the enterprise mobility community. The 22nd May edition of the EUC round-up covers a lot of ground — from a comprehensive troubleshooting guide and a new sync debug tool, to macOS Platform SSO, hybrid AVD deployment, and two notable Microsoft cloud updates. Here is everything worth reading this week.
Troubleshooting and Tools
The Ultimate Intune Troubleshooting Guide
Niklas Tinner published what may be the most complete single-reference troubleshooting guide for Intune to date. It covers common tenant-side and device-side issues with a structured methodology — the kind of resource worth bookmarking for your next P1 incident. Read it at oceanleaf.ch.
Intune Sync Debug Tool V2
Rudy Ooms released a new version of his PowerShell-based sync debugging tool, built specifically to diagnose and resolve persistent device synchronisation failures. If you have ever stared at a device stuck in a pending state with no obvious cause, this is the tool to reach for. Full breakdown and code available at call4cloud.nl.
Handling Profile Exceptions
Managing the edge cases in your configuration profile architecture — exclusions, overlapping baselines, one-off device overrides — is one of the messier parts of running Intune at scale. Joe Loveless published a practical approach to dealing with these exceptions cleanly, without turning your environment into a policy sprawl. Read his post at joeloveless.com.
Custom PIM Activation Portal
Sebastian Markdanner introduced a self-hosted, mobile-ready PWA portal designed to improve the experience of Privileged Identity Management activations for both admins and end users. It is a lightweight alternative to the standard Azure portal flow, with a cleaner UI and mobile support baked in. Details at chanceofsecurity.com.
Scripts and Admin Utilities
On-Demand Log Collection to SharePoint
Damien Van Robaeys shared a proactive remediation script that allows admins to collect any logs from a remote Windows device and upload them directly to a designated SharePoint location — no VPN, no RDP session required. The configuration walkthrough is at systanddeploy.com.
Get Primary User and Last Sync via Script
Imran Awan published a quick, practical snippet for pulling a device’s primary user and its last successful Intune sync time from a script. Straightforward and immediately useful for inventory or health-check automations. Find it at modernizingmobility.blogspot.com.
Intune Data Warehouse and Power BI
If you want to move beyond the built-in Intune reports and build custom dashboards in Power BI, Michael Frank’s primer on the Intune Data Warehouse is the right starting point. It covers the data model, connection setup, and a few practical report examples. Read it at michaelsendpoint.com.
macOS and Virtualisation
macOS Platform SSO with Automated Device Enrollment
Maurice Daly published a timely deep dive into how the new Platform SSO features interact with Automated Device Enrollment (ADE) on macOS. The post breaks down both the backend authentication flow and the actual user registration experience — essential reading for anyone managing Apple hardware in enterprise. Maurice also released an updated version of the widely used Driver Automation Tool for Windows deployment pipelines this week.
Deploying Hybrid AVD Session Hosts
Dieter Kempeneers followed up his architectural overview with a hands-on deployment guide for hybrid Azure Virtual Desktop session hosts — covering how to configure on-premises VDI infrastructure and connect it to AVD. A practical step-by-step if you are extending an existing on-prem environment rather than going cloud-native. Available at kempeneers.eu.
Windows 365 Enterprise Configuration
Jeroen Burgerhout continued his Windows 365 Wednesdays series with a configuration guide for Windows 365 Enterprise environments. If you are standing up Cloud PCs for the first time or hardening an existing deployment, his structured walkthrough is worth the read at burgerhout.org.
Spotlight: Enhanced Windows App Inventory
One of the most talked-about platform shifts this week is the enhanced app inventory preview for Windows devices. Peter van der Woude highlighted the feature as a significant step beyond the legacy Discovered Apps report — which was notoriously inaccurate and slow to refresh. The new inventory uses an updated upload mechanism to give admins much tighter, near-real-time visibility into what software is actually running on endpoints.
Microsoft Cloud Updates
Updated Secure Boot Status Report in Windows Autopatch
Harman Thind detailed changes to Autopatch reporting that provide clearer, more actionable status information about Secure Boot update compliance across managed devices. If Secure Boot is part of your fleet’s compliance baseline, the updated report is worth reviewing. Full details on the Windows IT Pro Blog.
Admin Insights for Windows 365 (Preview)
A new preview feature covered by Madeline Carr introduces built-in admin insights for Cloud PCs — giving IT pros a consolidated view of outstanding issues and optimisation opportunities for their Windows 365 deployment, without needing to build custom reports. Read the announcement on the Windows IT Pro Blog.
That covers this week’s EUC round-up. A strong batch of community tooling alongside two useful official platform updates — the sync debug tool and the log collection remediation alone are worth your time this weekend.
