Today we are going to look under the hood of certificate requests or renewals on an MDM (Intune) managed Windows client. The environment is simple and uses a Windows client and SCEPman as the Cloud CA, which is easily set up and nothing more than an Azure App Service. It is especially interesting, as this…
Read MoreAll articles filed in CSP
How to completely change Windows 10 language with Intune
In this article we dive into a way to completely switch the language of Windows 10 in a scripted way with the help of Intune and without the need for explicit language cab files. The new language setting will include the Welcome screen and New user defaults as well. This approach is beneficial for further…
Read MoreDelivery Optimization with Intune and Microsoft Connected Cache (MCC)
Intune managed devices must be configured to leverage Delivery Optimization (DO) to reduce the overall internet bandwidth usage. It is a distributed cache solution using peer to peer transfers for content downloads. It is a very well designed solution especially for the cloud era. The latest addition to that concept is the so called Microsoft…
Read MoreIntune Policy Processing on Windows 10 explained
In this post I will dive into the Intune policy processing on a MDM managed Windows 10 client. Intune is an MDM system and has the ability to deploy so called device configuration profiles to managed Windows 10 endpoints. We will have a look at the architecture, the settings, and the actual processing including the…
Read MoreOn-demand Windows Diagnostic Logs via Intune
How-to gather on-demand diagnostic data from Windows 10 1903+ by utilizing the DiagnosticLog CSP via a MDM service like Intune.
Read MoreEnabling BitLocker on non-HSTI devices with Intune
This is a post about enabling BitLocker on non-HSTI devices with Windows 10 version 1809 and standard user permissions. First of all a little background on HSTI. HSTI is a Hardware Security Testability Interface. It is an interface to report the results of security-related self-tests. Its purpose is to provide high assurance validation of proper security configuration.…
Read MoreDeep dive Microsoft Intune Management Extension – PowerShell Scripts
Microsoft made a big step forward in the Modern Management field. Limitations like custom configurations or even Win32 App installs can be addressed now. Microsoft developed an EMS agent (aka SideCar) and released it as a new Intune feature called Intune Management Extension. This agent is able to manage and execute PowerShell scripts on Windows 10…
Read More