Enterprise Mobility and the Microsoft Cloud
New enhancements to Autopilot Manager are here. This time I focused on further optional automations of the import process based on customer feedback. Another year is gone and Autopilot Manager once again gets new features. Ironically last time I introduced new features (Evolving Autopilot Manager) was also ~1 year after the initial release. So here…
Read More
Today we are going to look under the hood of certificate requests or renewals on an MDM (Intune) managed Windows client. The environment is simple and uses a Windows client and SCEPman as the Cloud CA, which is easily set up and nothing more than an Azure App Service. It is especially interesting, as this…
Read More
Today I’m going to show how we can achieve user device affinity with Intune application deployment as known from ConfigMgr. When we are going to deploy applications to users, we are independent of the user’s devices. The application belongs to a user and it can be installed or it gets automatically installed on all his…
Read More
A year ago, I released the Autopilot Manager to support Autopilot hash imports during Windows OOBE via an approval process (if not already familiar with Autopilot Manager, please read here Introducing Autopilot Manager first) and the solution is used by a lot of companies in the meanwhile. This is quite some time to discuss about…
Read More
Ignite 2021 is almost over and most of the content I was hunting after is also available as on-demand sessions. So, a good time to start a blog about my impressions. In this post I will go over my highlights I captured for the Windows and Modern Management with Microsoft Endpoint Manager area. As I…
Read More
This is a very small follow up post for my article about language change How to completely change Windows 10 language with Intune. I mentioned the Company Portal and the issue that it sometimes got stuck at a language. During that time I didn’t realized something very simple :-). Actually the Windows Settings are telling the…
Read More
Autopilot Manager simplifies Windows Autopilot imports by using a small client program and an Azure app service. It provides end user feedback during import and has several modes to operate at. A self-service mode or an help desk approval mode.
Read More
As a lot of my blog readers probably know :-), I’m working a lot with Microsoft Endpoint Manager – Intune and testing a lot of things in the Modern Management approach with Windows 10. It is absolutely necessary to have a good lab setup to test all these new features in a save way. For…
Read More
A lot of people waited for this enhancement a long time, it is a rather small enhancement, but with a fairly big impact in user experience. So, I thought that it is worth a small blog post :-). In the past if you installed the new Edge on Chromium basis and started it for the…
Read More
In this article we dive into a way to completely switch the language of Windows 10 in a scripted way with the help of Intune and without the need for explicit language cab files. The new language setting will include the Welcome screen and New user defaults as well. This approach is beneficial for further…
Read More
If you are running an environment with a modern management strategy where your clients are highly mobile and managed by cloud services, your built-in direct connection based tools like RDP or Remote Assistance are limited in usability for supporting your devices. In general with the mobile workforce nowadays we can’t rely on solutions needing a…
Read More
In this article we will dive into the basics of Windows 10 application assignments (Win32 apps) in Intune and the various differences depending on the situation (single user associated device, shared devices, non-primary devices). Microsoft Intune differentiates between the install intent based on the app assignment (required install, available for enrolled devices, or uninstall). Actually…
Read More
How to cleanup Windows Autopilot device registrations via PowerShell script and Microsoft Graph.
Read More
Do you ever wanted to know what is going on behind the curtain when clicking MDM Sync on Windows 10? Gaining insights into how the SyncML representation protocol is used during device management of Windows 10 clients? With SyncML Viewer you have the chance to easily get deep insights now. I’ve written a small tool…
Read More
This guide will demonstrate how to enable the BitLocker startup PIN for pre-boot authentication on Windows 10 with Microsoft Intune. I will walk through how to accomplish this in a nearly fully automatic way. Let’s start with some facts around BitLocker to understand the technology more precisely. In fact, I think a pre-boot startup PIN…
Read More
In this post I will dive into the Intune policy processing on a MDM managed Windows 10 client. Intune is an MDM system and has the ability to deploy so called device configuration profiles to managed Windows 10 endpoints. We will have a look at the architecture, the settings, and the actual processing including the…
Read More
When dealing with modern management we always need a storage space to provide simple files like background images or other configuration files. This article will show an easy way to organize and provide files for modern desktops managed by Intune.
Read More
How-to gather on-demand diagnostic data from Windows 10 1903+ by utilizing the DiagnosticLog CSP via a MDM service like Intune.
Read More
Successful onboarding without the pitfalls to miss devices and analytics data.
Read MoreThis is a post about enabling BitLocker on non-HSTI devices with Windows 10 version 1809 and standard user permissions. First of all a little background on HSTI. HSTI is a Hardware Security Testability Interface. It is an interface to report the results of security-related self-tests. Its purpose is to provide high assurance validation of proper security configuration.…
Read MoreMicrosoft made it finally happen and provides an integrated way to deploy Win32 Apps via the Intune Management Extension. This is by far the biggest step forward in the Modern Management field. Until now the community came up with lots of ways to utilize PowerShell scripts to finally install some Win32 Apps. By doing this…
Read More
Complete process automation of gathering and upload of a device Autopilot information to the Windows Autopilot service with an Azure Automation Runbook.
Read MoreThe new Windows 10 Peer 2 Peer feature Delivery Optimization was enhanced by the setting to query DHCP option ID 234 to get a Group ID (DOGroupIdSource). It was implemented into the latest Windows 10 version 1803 based on my feedback. I’m a little proud that the idea was well received and my product feedback…
Read MoreBecause of the popularity of my first blog post Deep dive Microsoft Intune Management Extension – PowerShell Scripts, I’ve decided to write a second post regarding Intune Management Extension to further explain some architecture behind this feature and upcoming question from the community. A deeper understanding helps to successful troubleshoot the feature. Table of content for…
Read MoreThe “push-button reset” (PBR) is the way to do a “factory reset” on Windows 10. It constructs a fresh Windows 10 installation and we can start over again. Implementing a Microsoft 365 powered device mobility concept for a modern workplace with Windows 10, makes usage of Windows as a Service and provides new ways of…
Read More
Modern IT - Cloud - Workplace 