Microsoft Graph Explorer PowerShell: Simplifying API Calls, First Look at IntuneDiff
Plus: Conditional Access to Zero Trust Compliance Report with PowerShell
Hey all, here is another week of great PowerShell content. Shout out to Youssef Sherif Wahib, a fellow PowerShell Engineer in Cairo who recently reached out to me on LinkedIn. I know a lot of you subscribed after finding my work on YouTube. However, if you haven’t and if you are looking for a great starting point, check out my video, Learn PowerShell in less than 2 Hours, below.
Also, if you want to support my work and help me keep it free, please consider becoming a paid subscriber!
PowerShell Videos
Learn PowerShell in Less than 2 Hours
4 Windows Features that You’ll Only Unlock with PowerShell
RINGBELL has an interesting video about four Windows features that can only be unlocked using PowerShell. The video explores how PowerShell can be used to access a hidden layer of control within Windows that is not available through the standard graphical user interface.
Andrew Pla sits down with Microsoft MVP Steven Judd to talk about navigating the “valley of despair” in tough topics like PowerShell, certificates, or regex and why this is where growth happens.
Eric Parker reviews how a particular piece of malware crashes PowerShell and how to remediate the issue.
PowerShell Community News
Microsoft Graph Explorer PowerShell: Simplifying API Calls
Here is a great article by Mike Kanakos that gives an overview of the Microsoft Graph Explorer's PowerShell code snippets, a tool that simplifies using the Graph API by auto-generating PowerShell commands from queries.
https://petri.com/microsoft-graph-explorer-powershell/
First Look at IntuneDiff - MSEndpointMgr
Simon Skotheimsvik has a great article on IntuneDiff, a community-developed tool that helps Microsoft Intune administrators compare policies across tenants to find differences, conflicts, and coverage gaps. The tool supports online and offline modes, including bulk import via Azure Blob Storage, and can export its findings to HTML or XLSX.
https://msendpointmgr.com/2025/08/29/first-look-at-intunediff/
Identity and Network Security Practitioner Webinar Series
Laura Viarengo has a great article about a three-part webinar series in October 2025 focused on unifying identity and network access with Microsoft Entra to enhance security through Zero Trust measures. The series covers why a unified approach is important, the foundational steps for implementation, and a practitioner's playbook for deploying the Microsoft Entra Suite.
Automating Microsoft Graph Deployments Using Azure DevOps
Brian Veldman has a great article on how to securely call Microsoft Graph from an Azure DevOps pipeline. The article demonstrates how to use service connections based on Workload Identity Federation to automate tasks like creating groups, setting policies, and registering apps without long-lived secrets.
https://cloudtips.nl/automating-microsoft-graph-deployments-using-azure-devops-9c9939e32c28
Beat the Clock: A Free PowerShell Script for the Sept. 30 Legacy MFA Retirement Deadline
JJ Milner has a great article on a free PowerShell script he developed to help organizations meet the Microsoft deadline for legacy MFA retirement. The script provides a data-driven approach to assess migration risk and identify urgent security gaps, generating actionable reports and a user communication toolkit.
https://substack.com/home/post/p-173505400
Search and download Microsoft Updates using the MSCatalogLTS PowerShell module
Harm Veenstra has a great article on using the MSCatalogLTS PowerShell module to search and download updates from the Microsoft Update Catalog. The post explains that this module is a long-term support version that picked up where the old, unmaintained MSCatalog module left off.
Conditional Access to zero trust compliance report with Powershell
Jan Mulder has a great article on a PowerShell module he developed called CAREPORT that generates a compliance report for Conditional Access policies based on Zero Trust principles. The article explains how to use the module to map policies against the pillars of Zero Trust and create a detailed HTML report for auditing.
Always On VPN RRAS and PowerShell 7
Richard M. Hicks has a great article on a subtle difference in how PowerShell 7 displays certificate information for Always On VPN's Routing and Remote Access Service (RRAS) compared to its predecessor. The post provides a simple PowerShell command to convert the output and introduces a new function in his AovpnTools PowerShell module to simplify the task.
https://directaccess.richardhicks.com/2025/09/16/always-on-vpn-rras-and-powershell-7/
Dynamically Construct a PowerShell GUI, Part 2
Brien Posey has a cool article on how to dynamically generate a PowerShell GUI from a SQL database. The article, which is the second part in a series, provides code examples that show how to create a flexible, data-driven interface that can update values in a SQL database based on user input.
https://redmondmag.com/articles/2025/09/10/dynamically-construct-a-powershell-gui-2.aspx
PowerShell MCP Azure Function Server
Darren Robinson has a great article on how to create a PowerShell MCP (Model Context Protocol) Azure Function Server to expose your PowerShell modules to AI clients like GitHub Copilot and Claude. The post details how to use Azure Functions running on a Windows consumption plan to execute PowerShell cmdlets natively, allowing you to empower AI with your existing PowerShell tools.
https://blog.darrenjrobinson.com/powershell-mcp-azure-function-server/
Jeff Hicks, on his Behind the PowerShell Pipeline blog/newsletter, has a great article on using PowerShell's eventing features to monitor file system changes. The post discusses how to use both CIM Indication Events and System.IO.FileSystemWatcher to watch for creations, deletions, and modifications to files and folders, while noting that neither method can track changes to file content.
https://buttondown.com/behind-the-powershell-pipeline/archive/file-system-fixations/