Expertise Areas
Tools by Ugur Koc
Device Offboarding Manager
A PowerShell-based GUI application for streamlined device lifecycle management across Microsoft cloud services. Enables bulk device offboarding from Intune, Autopilot, and Entra ID from a single interface. Features real-time dashboard analytics, stale device tracking, automatic BitLocker and FileVault key retrieval, CSV/TXT import for bulk operations, and pre-built playbooks for automated workflows.
Intune Assignment Checker
A PowerShell-based auditing tool for IT administrators managing Microsoft Intune. Provides comprehensive analysis of policy, app, and configuration assignments across users, groups, and devices. Features include assignment verification, policy discovery, empty group detection, HTML report generation with charts and dark/light mode, CSV export, and support for multiple authentication methods including certificate-based automation.
Intune Automation
A collection of community-tested PowerShell scripts for automating Microsoft Intune management tasks. Features device lifecycle management, compliance reporting, application deployment automation, and threat detection workflows. Scripts support both local execution and Azure Automation Runbook deployment with automatic environment detection for authentication. Uses direct Graph API access for minimal dependencies and easier troubleshooting.
Intune Changelog
A web-based tool for visualizing and tracking Microsoft Intune configuration changes. Displays audit logs in a beautiful, interactive timeline interface for easy monitoring of system modifications. Features a privacy-first approach with all data processing happening client-side in your browser without server transmission.
Intune Documentation
A free web application that generates comprehensive PDF documentation for Microsoft Intune configurations. Automatically exports all configuration types including device configurations, compliance policies, security baselines, PowerShell scripts, and Conditional Access Policies with full settings, assignments, and filters. Features customizable branding with logos, colors, headers, and footers. Uses read-only OAuth 2.0 authentication with no persistent data storage.
Intune Mac Admins
A community-driven documentation hub for macOS management within Microsoft Intune. Features guides, scripts, tools, and best practices contributed by IT professionals and Microsoft MVPs. Includes a Copilot assistant for macOS management queries and integration with the Open Intune Baseline (OIB) project for curated device management settings.
Intune Monitoring
Free, customizable Azure Workbook dashboard templates for monitoring Microsoft Intune environments. Provides real-time visibility into device compliance, enrollment status, application deployments, security posture, and OS updates. Deploys in under 60 seconds with no app registration or custom permissions required. Data remains within your tenant with full customization support for queries, branding, and visualizations.
IntuneBrew
A macOS app deployment and patch management solution for Microsoft Intune. Features a web portal for app management, PowerShell script automation, and Azure Runbook integration for scheduled updates. Supports 510+ macOS applications with automated version comparison, intelligent patch management, and robust error handling with automatic retry mechanisms. Includes certificate-based and interactive authentication options.
KQL Search
A specialized search engine for discovering Kusto Query Language (KQL) queries. Features query discovery across Microsoft Sentinel, Defender, and Azure Data Explorer, along with a Query Assistant, Query Generator, Query Lab for testing, and Device Query functionality. Aggregates community-contributed hunting queries and detection rules for threat hunting, vulnerability management, and incident response.
TenuVault
TenuVault is a safe backup and restore solution for Microsoft Intune configurations. It backs up Intune policies to JSON files, detects configuration drift, and restores by creating new policies with a [Restored] prefix - never overwriting existing ones. It supports multiple export formats (JSON, CSV, HTML), full audit logs, and a read-only backup model with preview mode to ensure non-destructive changes.
Windows Autopilot Import GUI
A PowerShell-based GUI tool that streamlines Windows Autopilot device enrollment during the Out-of-Box Experience (OOBE). Automates hardware hash collection and submission to Autopilot with Group Tag selection support and automatic system reboot after profile assignment. Includes network connectivity diagnostics to troubleshoot configuration issues. Built on Michael Niehaus's Get-WindowsAutoPilotInfo script.