The “push-button reset” (PBR) is the way to do a “factory reset” on Windows 10. It constructs a fresh Windows 10 installation and we can start over again. Implementing a Microsoft 365 powered device mobility concept for a modern workplace with Windows 10, makes usage of Windows as a Service and provides new ways of…
Read MoreAll articles filed in Modern Management
Configure Delivery Optimization with Intune for Windows Update for Business
When using the Modern IT approach and building Microsoft 365 powered devices it is a combination of the following cloud services for Modern Management: Microsoft Azure Active Directory for Identity Microsoft Intune for Management Windows Update for Business for Servicing Windows Analytics to Monitor To support the Windows as a Service strategy with cloud services we rely on the…
Read MoreHow to disable SMBv1 with Intune [deep dive analysis]
I recently got motivated to research a bit about new MDM settings available in the latest Windows 10 Insider Build (17074) and how to configure them. Settings available in preview Windows 10 versions normally do not have a lot of technical documentation for it or there is even no documentation for a particular feature and…
Read MoreConfiguring Windows Defender Credential Guard with Intune
The Windows Defender Credential Guard is a feature to protect NTLM, Kerberos and Sign-on credentials. Windows 10 Enterprise provides the capability to isolate certain Operating System (OS) pieces via so called virtualization-based security (VBS). NTLM and Kerberos credentials are normally stored in the Local Security Authority (LSA). Once VBS is enabled the LSASS process will…
Read MoreDeep dive Microsoft Intune Management Extension – PowerShell Scripts
Microsoft made a big step forward in the Modern Management field. Limitations like custom configurations or even Win32 App installs can be addressed now. Microsoft developed an EMS agent (aka SideCar) and released it as a new Intune feature called Intune Management Extension. This agent is able to manage and execute PowerShell scripts on Windows 10…
Read MoreGather Windows 10 Autopilot info in Azure Blob Storage during wipe and reload
UPDATE 22/07/2018: New blog post Automation of gathering and importing Windows Autopilot information The Modern Management strategy is based on Enterprise Mobility + Security and additional services like Office 365. Microsoft created a new SKU called Microsoft 365 for this. To complete the big picture we need some additional services: Microsoft Store for Business Windows Analytics Windows…
Read MoreDeep dive ADMX ingestion to configure SilentAccountConfig with OneDrive
Since Windows 10 1703 you can use a feature called ADMX ingestion to extend policy settings in Intune. What it basically does is to parse an ADMX file and build a MDM policy of it. In the end you can configure the ADMX settings via OMA-URIs in Intune. More details about ADMX ingestion can be…
Read More