Enterprise Mobility and the Microsoft Cloud
A year ago I explained the policy processing in Windows 10 with Intune with the following article: Intune Policy Processing on Windows 10 explained At the time of writing the behavior of most Configuration Service Providers (CSPs) followed a tattooing model. Meaning once a setting got applied it wouldn’t change until you explicitly set a new…
Read More
If you work with Azure AD and especially in my case with Intune and Azure AD you have probably seen Object IDs in the Azure AD portal on the user objects, group objects, or in the Intune log files. Here a portal screenshot of a demo user: Here a screenshot of the Intune Management Extension…
Read More
In this article we dive into a way to completely switch the language of Windows 10 in a scripted way with the help of Intune and without the need for explicit language cab files. The new language setting will include the Welcome screen and New user defaults as well. This approach is beneficial for further…
Read More
Intune managed devices must be configured to leverage Delivery Optimization (DO) to reduce the overall internet bandwidth usage. It is a distributed cache solution using peer to peer transfers for content downloads. It is a very well designed solution especially for the cloud era. The latest addition to that concept is the so called Microsoft…
Read More
If you are running an environment with a modern management strategy where your clients are highly mobile and managed by cloud services, your built-in direct connection based tools like RDP or Remote Assistance are limited in usability for supporting your devices. In general with the mobile workforce nowadays we can’t rely on solutions needing a…
Read More
In this article we will dive into the basics of Windows 10 application assignments (Win32 apps) in Intune and the various differences depending on the situation (single user associated device, shared devices, non-primary devices). Microsoft Intune differentiates between the install intent based on the app assignment (required install, available for enrolled devices, or uninstall). Actually…
Read More
In this very short post I will show how you get your uploaded Intune PowerShell scripts again. If you work with Intune and especially with Intune PowerShell scripts to configure Windows 10 devices you probably looked at this dialog and wondered why you are not able to edit or download your already uploaded script again.…
Read More
How to cleanup Windows Autopilot device registrations via PowerShell script and Microsoft Graph.
Read More
Do you ever wanted to know what is going on behind the curtain when clicking MDM Sync on Windows 10? Gaining insights into how the SyncML representation protocol is used during device management of Windows 10 clients? With SyncML Viewer you have the chance to easily get deep insights now. I’ve written a small tool…
Read More
This guide will demonstrate how to enable the BitLocker startup PIN for pre-boot authentication on Windows 10 with Microsoft Intune. I will walk through how to accomplish this in a nearly fully automatic way. Let’s start with some facts around BitLocker to understand the technology more precisely. In fact, I think a pre-boot startup PIN…
Read More
In this post I will dive into the Intune policy processing on a MDM managed Windows 10 client. Intune is an MDM system and has the ability to deploy so called device configuration profiles to managed Windows 10 endpoints. We will have a look at the architecture, the settings, and the actual processing including the…
Read More
When dealing with modern management we always need a storage space to provide simple files like background images or other configuration files. This article will show an easy way to organize and provide files for modern desktops managed by Intune.
Read More
In this guide I will have a look at an easy way to deploy device certificates to modern cloud managed clients. Even without an Microsoft on-premises PKI your devices will get device certificates. These certificates can be used for Wi-Fi authentication for example. Normally if you want to deploy certificates to mobile devices you are…
Read More
Use of Azure Logic App to create email notifications with direct download link when new diagnostic log archives uploded to an Azure Blob Storage via DiagnosticLog CSP on Windows 10.
Read More
How-to gather on-demand diagnostic data from Windows 10 1903+ by utilizing the DiagnosticLog CSP via a MDM service like Intune.
Read More
Successful onboarding without the pitfalls to miss devices and analytics data.
Read More
The new Intune Win32 app management is a great way to deploy Win32 apps with Microsoft Intune. Imagine you have a kind of source share for all the .intunewin files you have created. At some point in time you like to modify a package but you do not have the source files right now, only…
Read More
Deploying BGInfo to quickly find your test devices or provide easy VM access during trainings with more visibility of the available user permissions.
Read MoreThis is a post about enabling BitLocker on non-HSTI devices with Windows 10 version 1809 and standard user permissions. First of all a little background on HSTI. HSTI is a Hardware Security Testability Interface. It is an interface to report the results of security-related self-tests. Its purpose is to provide high assurance validation of proper security configuration.…
Read MoreMicrosoft made it finally happen and provides an integrated way to deploy Win32 Apps via the Intune Management Extension. This is by far the biggest step forward in the Modern Management field. Until now the community came up with lots of ways to utilize PowerShell scripts to finally install some Win32 Apps. By doing this…
Read More
First of all, what an amazing experience to attend Microsoft Ignite 2018 in Orlando. All started off with a keynote by Satya Nadella followed by general announcement sessions and technical deep dive sessions. The key message was about “Tech Intensity”. This is described by changing your cultural mindset and your processes. Ultimately leading to a…
Read MoreI’m proud and I feel so honored to be awarded as an MVP – Enterprise Mobility today on the 1th of August 2018. It’s such a great community and I’m really looking forward to participate in the MVP program, interact with the product groups to get clarification on product features and to provide feedback. Despite…
Read More
Complete process automation of gathering and upload of a device Autopilot information to the Windows Autopilot service with an Azure Automation Runbook.
Read MoreI enjoyed some vacation and did a lot of customer work recently but I had the honor to speak at our SCConfigMgr.com Modern Management Summit 2018 event in London at the Microsoft Reactor. It was an amazing day and I had a lot of discussions around a cloud first modern management approach. If you like…
Read MoreRecently Microsoft enhanced the Intune Managed Browser experience with Mobile Application Management (MAM) and app-based Conditional Access (CA) a lot. It is integrated into the Conditional Access story as an approved app and supports the Azure AD Application Proxy very well now. What does this allow us to do now? We are now able…
Read More
Modern IT - Cloud - Workplace 