Are you over 18 and want to see adult content?
More Annotations
A complete backup of m-gospelacademy.com
Are you over 18 and want to see adult content?
A complete backup of parkinsonswa.org.au
Are you over 18 and want to see adult content?
A complete backup of retailsellingsteps.blogspot.com
Are you over 18 and want to see adult content?
Favourite Annotations
A complete backup of bioengineering.ch
Are you over 18 and want to see adult content?
A complete backup of allbusinesstemplates.com
Are you over 18 and want to see adult content?
A complete backup of globalworkplaceinsider.com
Are you over 18 and want to see adult content?
A complete backup of seikatsu-hyakka.com
Are you over 18 and want to see adult content?
A complete backup of trucoslondres.com
Are you over 18 and want to see adult content?
Text
devices.
AUTOMAGICALLY CONVERT INTUNE MANAGED DEVICES TO AUTOPILOT Note: There’s not a real easy method to see which devices are converted to AutoPilot.Those devices will show as any other imported device, without enrollment state. However, as the configuration is done via an AutoPilot deployment profile, the device is immediately assigned to a profile. FACTORY RESET, FRESH START, AUTOPILOT RESET, SO MANY This week something completely different. This time no technical configurations, this time I’ll try to provide some guidance about different Windows 10 features to QUICK TIP: INTUNE DIAGNOSTICS FOR APP PROTECTION POLICIES This week a relatively short blog post about a feature that already exists for a long time, but that is not that known. That feature is the Intune Diagnostics for App Protection Policies (APP). The Intune Diagnostics can be really useful with troubleshooting APP. Especially when looking at APP for apps on unmanaged devices. ALWAYS APPLY BASELINE TO CO-MANAGED DEVICES Note: The setting Always apply this baseline even for co-managed clients in the baseline, as mentioned in step 3a, can be used to make sure that the baseline is always applied on co-managed devices.. End-results. Now let’s continue by having a look at the results on a co-managed device. Below are two examples of one of a co-manageddevice.
CONFIGURE TIME ZONES VIA WINDOWS 10 MDM This week a blog post about a nice newly introduced policy setting in Windows 10, version 1903. That setting is available in the TimeLanguageSettings area, and can be used to set the time zone of the device. The TimeLanguageSettings area already existed before Windows 10, version 1903, but previously only contained a single setting forWindows 10 Mobile.
WORKING WITH EXPLOIT PROTECTION TO PROTECT DEVICES FROM Note: The default value represents the Use default configuration in Exploit Protection and indicates the recommended setting for home users. IT administrators should always consider the required protection for their organizational needs. Configuration of Exploit Protection. The configuration of Exploit Protection, via Microsoft Intune, can be achieved by performing three actions. USING SAMSUNG KNOX MOBILE ENROLLMENT WITH MICROSOFT INTUNE Open the Samsung Knox Mobile Enrollment portal and navigate to MDM Profiles. On the MDM Profiles page, click CREATE PROFILE to open the CREATE NEW PROFILE wizard. On the Select profile type page, select ANDROID ENTERPRISE (as shown in Figure 1) to let USING SETUP ASSISTANT WITH MODERN AUTHENTICATION This week is all about the support for a new authentication method when using Automated Device Enrollment (ADE). That new authentication method is Setup Assistant with modern authentication and is available for iOS/iPadOS devices running version 13.0 and later and for macOS devices running version 10.15 and later.Setup Assistant with modern authentication enables organizations to require FEDERATED AUTHENTICATION FOR MANAGED APPLE IDS February 1, 2021 by Peter van der Woude. This week is all about federated authentication for Managed Apple IDs. When using Microsoft Intune for managing Apple devices, the use of Managed Apple IDs is adding more and more value to the solution. That value gets even more when those Managed Apple IDs are federated with Azure AD. QUICK TIP: INTUNE DIAGNOSTICS FOR APP PROTECTION POLICIES This week a relatively short blog post about a feature that already exists for a long time, but that is not that known. That feature is the Intune Diagnostics for App Protection Policies (APP). The Intune Diagnostics can be really useful with troubleshooting APP. Especially when looking at APP for apps on unmanaged devices. FURTHER INTEGRATING APPLE BUSINESS MANAGER WITH MICROSOFT A few weeks ago I’ve discussed the integration of Apple Business Manager (ABM) with Azure AD, to provision the Managed Apple IDs and to provide a federation.That provides a very nice user experience, when used in combination with Microsoft Intune. This week I want to extend on ABM by further integrating it with Microsoft Intune. EASIER MANAGING LOCAL ADMINISTRATORS VIA WINDOWS 10 MDM ON This week back to the Windows platform. This week is again about managing local administrators on Windows 10 devices. Even in a modern world, there can still be a need for managing the local administrators on a Windows 10 devices and often that still requires more flexibility than provided with the default Azure AD functionality. BLOCK ACCESS TO A DEVICE UNTIL SPECIFIC APPS ARE INSTALLED 2. On the Enrollment Status Page (Preview) blade, select Default > Settings to open the All users and all devices – Settings blade; 3a. On the All users and all devices – Settings blade, select Yes with Show app and profile installation progress and Yes with Block device use until all apps and profiles are installed to enable the Block WORKING WITH (CUSTOM) DETECTION RULES FOR WIN32 APPS On the Detection rules blade, the different detection rule formats of Win32 apps are shown.Those detection rule formats are categorized as mentioned below. Manually configure detection rules: This detection rule format enables the administrator to use a MSI product code, file or folder information or registry information for detecting the app.; Use custom detection rules: This detection rule CONDITIONAL ACCESS AND BLOCKING DOWNLOADS This week is all about using conditional access for blocking downloads. I already did something similar before by using app enforced restrictions for Exchange Online and SharePoint Online.This time I’m going to take it one step further by looking at recently adjusted functionality for Conditional Access App Control.Conditional Access App Control enables administrators to control user WORKING WITH EXPLOIT PROTECTION TO PROTECT DEVICES FROM Note: The default value represents the Use default configuration in Exploit Protection and indicates the recommended setting for home users. IT administrators should always consider the required protection for their organizational needs. Configuration of Exploit Protection. The configuration of Exploit Protection, via Microsoft Intune, can be achieved by performing three actions. USING SAMSUNG KNOX MOBILE ENROLLMENT WITH MICROSOFT INTUNE Open the Samsung Knox Mobile Enrollment portal and navigate to MDM Profiles. On the MDM Profiles page, click CREATE PROFILE to open the CREATE NEW PROFILE wizard. On the Select profile type page, select ANDROID ENTERPRISE (as shown in Figure 1) to let USING SETUP ASSISTANT WITH MODERN AUTHENTICATION This week is all about the support for a new authentication method when using Automated Device Enrollment (ADE). That new authentication method is Setup Assistant with modern authentication and is available for iOS/iPadOS devices running version 13.0 and later and for macOS devices running version 10.15 and later.Setup Assistant with modern authentication enables organizations to require FEDERATED AUTHENTICATION FOR MANAGED APPLE IDS February 1, 2021 by Peter van der Woude. This week is all about federated authentication for Managed Apple IDs. When using Microsoft Intune for managing Apple devices, the use of Managed Apple IDs is adding more and more value to the solution. That value gets even more when those Managed Apple IDs are federated with Azure AD. QUICK TIP: INTUNE DIAGNOSTICS FOR APP PROTECTION POLICIES This week a relatively short blog post about a feature that already exists for a long time, but that is not that known. That feature is the Intune Diagnostics for App Protection Policies (APP). The Intune Diagnostics can be really useful with troubleshooting APP. Especially when looking at APP for apps on unmanaged devices. FURTHER INTEGRATING APPLE BUSINESS MANAGER WITH MICROSOFT A few weeks ago I’ve discussed the integration of Apple Business Manager (ABM) with Azure AD, to provision the Managed Apple IDs and to provide a federation.That provides a very nice user experience, when used in combination with Microsoft Intune. This week I want to extend on ABM by further integrating it with Microsoft Intune. EASIER MANAGING LOCAL ADMINISTRATORS VIA WINDOWS 10 MDM ON This week back to the Windows platform. This week is again about managing local administrators on Windows 10 devices. Even in a modern world, there can still be a need for managing the local administrators on a Windows 10 devices and often that still requires more flexibility than provided with the default Azure AD functionality. BLOCK ACCESS TO A DEVICE UNTIL SPECIFIC APPS ARE INSTALLED 2. On the Enrollment Status Page (Preview) blade, select Default > Settings to open the All users and all devices – Settings blade; 3a. On the All users and all devices – Settings blade, select Yes with Show app and profile installation progress and Yes with Block device use until all apps and profiles are installed to enable the Block WORKING WITH (CUSTOM) DETECTION RULES FOR WIN32 APPS On the Detection rules blade, the different detection rule formats of Win32 apps are shown.Those detection rule formats are categorized as mentioned below. Manually configure detection rules: This detection rule format enables the administrator to use a MSI product code, file or folder information or registry information for detecting the app.; Use custom detection rules: This detection rule CONDITIONAL ACCESS AND BLOCKING DOWNLOADS This week is all about using conditional access for blocking downloads. I already did something similar before by using app enforced restrictions for Exchange Online and SharePoint Online.This time I’m going to take it one step further by looking at recently adjusted functionality for Conditional Access App Control.Conditional Access App Control enables administrators to control user JUNE 2021 – ALL ABOUT MICROSOFT ENDPOINT MANAGER I’m Peter van der Woude, born in 1983 and I’m living together with my wife and two sons in the Netherlands. I work at KPN and my main focus is the innovation of our modern workplace solution (using Microsoft Endpoint Manager). USING AUTHENTICATION CONTEXTS TO ADD STEP-UP This week is all about authentication contexts. Authentication contexts are another great feature for Condition Access policies. That feature enables IT administrators to further secure data and actions in apps, by providing a step-up authentication. AUTHENTICATION CONTEXT I’m Peter van der Woude, born in 1983 and I’m living together with my wife and two sons in the Netherlands. I work at KPN and my main focus is the innovation of our modern workplace solution (using Microsoft Endpoint Manager). EASILY CONTROLLING THE OFFICE UPDATE CHANNEL BY USING Note: In my device configuration profile I’ve also configured Enable Automatic Updates and Hide option to enable or disable updates to make sure that Office automatically checks for updates without an option for the user to disable Office updates.. Result. Now it’s really interesting to look at the result of the created configuration. For that, let’s first have a look at the registry. EASIER MANAGING LOCAL ADMINISTRATORS VIA WINDOWS 10 MDM ON This week back to the Windows platform. This week is again about managing local administrators on Windows 10 devices. Even in a modern world, there can still be a need for managing the local administrators on a Windows 10 devices and often that still requires more flexibility than provided with the default Azure AD functionality. SCHEDULING A REBOOT VIA WINDOWS 10 MDM Schedule/DailyRecurrent. This node can be used to execute a reboot of the device, each day, at a scheduled time starting at the configured time and date. Setting a null (empty) date will delete an existing schedule. The date and time value is ISO8601, and both, the date and time, are required. Example: 2019-10-02T21:00:00Z. AUTOMAGICALLY CONVERT INTUNE MANAGED DEVICES TO AUTOPILOT Note: There’s not a real easy method to see which devices are converted to AutoPilot.Those devices will show as any other imported device, without enrollment state. However, as the configuration is done via an AutoPilot deployment profile, the device is immediately assigned to a profile. DOWNLOAD PACKAGE CONTENT DURING A TASK SEQUENCE The download location Task sequence working directory is the easiest to handle for the task sequence. The task sequence will download the content to the C:\_SMSTaskSequence\Packages directory and set the ContentPath01 variable to the location of the first Package. After that it will add the ContentPath01 variable to the list of paths thatneed
LOCATING LOST OR STOLEN WINDOWS 10 DEVICES This week is all about a small new feature for Windows 10 devices that was introduced with the latest service release of Microsoft Intune. That new feature is the ability to find lost or stolen Windows 10devices.
WINDOWS AUTOPILOT WHITE GLOVE SERVICE This week is about Windows Autopilot. More specifically, the Windows Autopilot white glove service. The Windows Autopilot white glove service will enable organizations to pre-provision Windows 10 devices to make sure that end-users get their device faster to a fullyprovisioned state.
FEDERATED AUTHENTICATION FOR MANAGED APPLE IDS February 1, 2021 by Peter van der Woude. This week is all about federated authentication for Managed Apple IDs. When using Microsoft Intune for managing Apple devices, the use of Managed Apple IDs is adding more and more value to the solution. That value gets even more when those Managed Apple IDs are federated with Azure AD. CHROME OS – ALL ABOUT MICROSOFT ENDPOINT MANAGER Supporting the unsupported platforms. September 14, 2020 by Peter van der Woude. This week is all about supporting the unsupported platforms. More specifically, working with the limitations of the platforms that are unsupported by (parts of) the Microsoft 365 solution. Those platforms are Chrome OS and the different Linuxdistributions.
SCOPE TAG – ALL ABOUT MICROSOFT ENDPOINT MANAGER That feature is the ability assign a scope tag to all devices in a specific security group. Like last week it’s a relatively simple feature, but also like last week that simple feature makes life a lot easier. A few months ago I did a post about adding scope tags to devices. In that time it was still a manual action per device, whichcould be
ALWAYS APPLY BASELINE TO CO-MANAGED DEVICES Note: The setting Always apply this baseline even for co-managed clients in the baseline, as mentioned in step 3a, can be used to make sure that the baseline is always applied on co-managed devices.. End-results. Now let’s continue by having a look at the results on a co-managed device. Below are two examples of one of a co-manageddevice.
WORKING WITH (CUSTOM) DETECTION RULES FOR WIN32 APPS On the Detection rules blade, the different detection rule formats of Win32 apps are shown.Those detection rule formats are categorized as mentioned below. Manually configure detection rules: This detection rule format enables the administrator to use a MSI product code, file or folder information or registry information for detecting the app.; Use custom detection rules: This detection rule QUICK TIP: INTUNE DIAGNOSTICS FOR APP PROTECTION POLICIESMICROSOFT INTUNE APP PROTECTION POLICYAPP PROTECTION POLICIES INTUNE ANDROIDINTUNE APP PROTECTION POLICIES FAQINTUNE APP PROTECTION POLICIES IOSINTUNE APP PROTECTION CUSTOM APPSAPP PROTECTION POLICY IOS This week a relatively short blog post about a feature that already exists for a long time, but that is not that known. That feature is the Intune Diagnostics for App Protection Policies (APP). The Intune Diagnostics can be really useful with troubleshooting APP. Especially when looking at APP for apps on unmanaged devices. THE CONDITIONAL ACCESS POLICY FLOW This week it’s about the conditional access policy flow. The flow that will help with determining if a conditional access policy is applicable to the user’s attempt to access a cloud app and if access will be allowed or blocked. The idea is similar to the What if tool. The big difference is that the What if tool does a technical check to CONDITIONAL ACCESS AND BLOCKING DOWNLOADS This week is all about using conditional access for blocking downloads. I already did something similar before by using app enforced restrictions for Exchange Online and SharePoint Online.This time I’m going to take it one step further by looking at recently adjusted functionality for Conditional Access App Control.Conditional Access App Control enables administrators to control user SHOWING DEPENDENT APPLICATIONS IN CONFIGMGR 2012 VIA This week I want to devote a blog post to finding dependent applications. Via the ConfigMgr Console it’s very easy to find the configured Dependencies of an Application, but what if I want to know which applications depend on a specific Application?Via the ConfigMgr Console this is not possible (out-of-the-box), but this doesn’t mean that the information is not accessible. CONFIGURE FIDO2 SECURITY KEY RESTRICTIONS This week is all about FIDO2 security keys. More specifically about configuring FIDO2 security key restrictions to make sure that users can only use specific FIDO2 security keys, or to prevent users from using specific FIDO2 security keys. FEDERATED AUTHENTICATION FOR MANAGED APPLE IDS February 1, 2021 by Peter van der Woude. This week is all about federated authentication for Managed Apple IDs. When using Microsoft Intune for managing Apple devices, the use of Managed Apple IDs is adding more and more value to the solution. That value gets even more when those Managed Apple IDs are federated with Azure AD. CHROME OS – ALL ABOUT MICROSOFT ENDPOINT MANAGER Supporting the unsupported platforms. September 14, 2020 by Peter van der Woude. This week is all about supporting the unsupported platforms. More specifically, working with the limitations of the platforms that are unsupported by (parts of) the Microsoft 365 solution. Those platforms are Chrome OS and the different Linuxdistributions.
SCOPE TAG – ALL ABOUT MICROSOFT ENDPOINT MANAGER That feature is the ability assign a scope tag to all devices in a specific security group. Like last week it’s a relatively simple feature, but also like last week that simple feature makes life a lot easier. A few months ago I did a post about adding scope tags to devices. In that time it was still a manual action per device, whichcould be
ALWAYS APPLY BASELINE TO CO-MANAGED DEVICES Note: The setting Always apply this baseline even for co-managed clients in the baseline, as mentioned in step 3a, can be used to make sure that the baseline is always applied on co-managed devices.. End-results. Now let’s continue by having a look at the results on a co-managed device. Below are two examples of one of a co-manageddevice.
WORKING WITH (CUSTOM) DETECTION RULES FOR WIN32 APPS On the Detection rules blade, the different detection rule formats of Win32 apps are shown.Those detection rule formats are categorized as mentioned below. Manually configure detection rules: This detection rule format enables the administrator to use a MSI product code, file or folder information or registry information for detecting the app.; Use custom detection rules: This detection rule QUICK TIP: INTUNE DIAGNOSTICS FOR APP PROTECTION POLICIESMICROSOFT INTUNE APP PROTECTION POLICYAPP PROTECTION POLICIES INTUNE ANDROIDINTUNE APP PROTECTION POLICIES FAQINTUNE APP PROTECTION POLICIES IOSINTUNE APP PROTECTION CUSTOM APPSAPP PROTECTION POLICY IOS This week a relatively short blog post about a feature that already exists for a long time, but that is not that known. That feature is the Intune Diagnostics for App Protection Policies (APP). The Intune Diagnostics can be really useful with troubleshooting APP. Especially when looking at APP for apps on unmanaged devices. THE CONDITIONAL ACCESS POLICY FLOW This week it’s about the conditional access policy flow. The flow that will help with determining if a conditional access policy is applicable to the user’s attempt to access a cloud app and if access will be allowed or blocked. The idea is similar to the What if tool. The big difference is that the What if tool does a technical check to CONDITIONAL ACCESS AND BLOCKING DOWNLOADS This week is all about using conditional access for blocking downloads. I already did something similar before by using app enforced restrictions for Exchange Online and SharePoint Online.This time I’m going to take it one step further by looking at recently adjusted functionality for Conditional Access App Control.Conditional Access App Control enables administrators to control user SHOWING DEPENDENT APPLICATIONS IN CONFIGMGR 2012 VIA This week I want to devote a blog post to finding dependent applications. Via the ConfigMgr Console it’s very easy to find the configured Dependencies of an Application, but what if I want to know which applications depend on a specific Application?Via the ConfigMgr Console this is not possible (out-of-the-box), but this doesn’t mean that the information is not accessible. CONFIGURE FIDO2 SECURITY KEY RESTRICTIONS This week is all about FIDO2 security keys. More specifically about configuring FIDO2 security key restrictions to make sure that users can only use specific FIDO2 security keys, or to prevent users from using specific FIDO2 security keys. JUNE 2021 – ALL ABOUT MICROSOFT ENDPOINT MANAGER I’m Peter van der Woude, born in 1983 and I’m living together with my wife and two sons in the Netherlands. I work at KPN and my main focus is the innovation of our modern workplace solution (using Microsoft Endpoint Manager). USING AUTHENTICATION CONTEXTS TO ADD STEP-UP This week is all about authentication contexts. Authentication contexts are another great feature for Condition Access policies. That feature enables IT administrators to further secure data and actions in apps, by providing a step-up authentication. SUPPORTING THE UNSUPPORTED PLATFORMS September 14, 2020 by Peter van der Woude. This week is all about supporting the unsupported platforms. More specifically, working with the limitations of the platforms that are unsupported by (parts of) the Microsoft 365 solution. Those platforms are Chrome OS and the different Linux distributions. Often those platforms are around in an EASILY CONTROLLING THE OFFICE UPDATE CHANNEL BY USING Note: In my device configuration profile I’ve also configured Enable Automatic Updates and Hide option to enable or disable updates to make sure that Office automatically checks for updates without an option for the user to disable Office updates.. Result. Now it’s really interesting to look at the result of the created configuration. For that, let’s first have a look at the registry.PETER VAN DER WOUDE
I’m Peter van der Woude, born In 1983 and I’m living together with my wife and two sons in the Netherlands. Currently I work for KPN ICT Consulting. At this moment my main focus is Enterprise Cl AUTOMAGICALLY CONVERT INTUNE MANAGED DEVICES TO AUTOPILOT Note: There’s not a real easy method to see which devices are converted to AutoPilot.Those devices will show as any other imported device, without enrollment state. However, as the configuration is done via an AutoPilot deployment profile, the device is immediately assigned to a profile. PREVENT NON-ADMINISTRATOR USERS FROM INSTALLING WINDOWS Note: This policy does not configure the ability of users to install Windows app packages via the Microsoft Store.. Configuration. When knowing the available policy setting and the possible values, it’s time to take a look at the steps for configuring that specific policy. EASILY EXPORTING INTUNE REPORTS USING MICROSOFT GRAPH This week a short blog post about Intune reports and more specifically about exporting Intune reports by using Microsoft Graph. Since recently, all reports that are available in the (new) Intune reporting infrastructure are available for export. FACTORY RESET, FRESH START, AUTOPILOT RESET, SO MANY This week something completely different. This time no technical configurations, this time I’ll try to provide some guidance about different Windows 10 features to CONFIGURE TIME ZONES VIA WINDOWS 10 MDM This week a blog post about a nice newly introduced policy setting in Windows 10, version 1903. That setting is available in the TimeLanguageSettings area, and can be used to set the time zone of the device. The TimeLanguageSettings area already existed before Windows 10, version 1903, but previously only contained a single setting forWindows 10 Mobile.
Skip to content Skip to content ALL ABOUT MICROSOFT ENDPOINT MANAGER Peter blogs about Configuration Manager, Microsoft Intune and moreMenu
* Home
* Scripts
* Archive
* Contact
* About
*
__
*
__
*
__
*
__
*
USING FILTERS FOR DEVICES AS CONDITION IN CONDITIONAL ACCESS POLICIES May 31, 2021 by Peter van der Woude This week is also all about filters. Last week was about filters for assigning apps, policies and profiles to specific devices in Microsoft Intune and this week is about filters for devices as a condition in Conditional Access policies. Filters for devices are a nice addition to Conditional Access policies to only target specific devices. A great option for addressing specific scenarios. This post starts with a short introduction about filters for devices, followed with the steps for configuring a filter within a Conditional Access policy. This post ends with the administrator experience. Important: At the moment of writing, filters for devices are still public preview. For Azure AD features that means that the feature is provided without a service level agreement, and that the …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
Leave a comment
USING FILTERS FOR ASSIGNING APPS, POLICIES AND PROFILES TO SPECIFICDEVICES
May 26, 2021May 24, 2021 by Peter van der Woude This week is all about filters. Filters are basically a super-set of the functionalities of applicability rules – already available for a while for Windows 10 – and are a great new addition to assigning apps policies and profiles to specific devices. Those specific devices are only the devices that meet the specific properties that are configured in the filters. A great method for specifically targeting apps, policies and profiles. This post starts with a short introduction about filters, followed with information about creating and using filters (including the steps for using and creating filters). This post ends with the administrator experience with filters. Introducing filters For device configuration profiles for Windows 10 devices it was already possible to use applicability rules. Applicability rules would …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
Leave a comment
ENHANCE INVENTORY REPORTING WITH LOCAL ADMINISTRATOR INFORMATION May 17, 2021 by Peter van der Woude This week is all about enhancing inventory reporting with information about the local administrators on the managed Windows 10 devices. This time is not about managing the different local administrators on those Windows 10 devices, but this time is about creating a report that provides insights to the different local administrators that are configured on those Windows 10 devices. The solution to enhance the inventory reporting, relies on PowerShell, Log analytics, Workbooks and the Azure Monitor HTTP Data Collector API. PowerShell is used to gather the information on the local device and uses the Azure Monitor HTTP Data Collector API to write the gathered information to Log analytics. Workbooks are used to visualize the gathered data from Log analytics. This solution is inspired and based …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
Leave a comment
LOCATING LOST OR STOLEN WINDOWS 10 DEVICES May 10, 2021 by Peter van der Woude This week is all about a small new feature for Windows 10 devices that was introduced with the latest service release of Microsoft Intune. That new feature is the ability to find lost or stolen Windows 10 devices. Starting with the 2104 service release of Microsoft Intune, the Locate device remote device action – already available for supervised iOS and iPadOs device – also becomes available for Windows 10 devices. That enables IT administrators to find lost or stolen Windows 10 devices. This post will start by going through the information about the new remote action, including the implications, followed with the steps for configuring the privacy settings. This post will end by showing the IT administrator and user experience. Introduction to the location service …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
5 Comments
CONDITIONAL ACCESS AND REGISTERING OR JOINING DEVICES TO AZURE AD May 3, 2021 by Peter van der Woude This week is all about registering and joining devices to Azure Active Directory (Azure AD). More specifically, about requiring multi-factor authentication (MFA) when registering or joining devices to Azure AD. Starting with March 2021, Azure AD contains a new feature in Conditional Access (CA) that provides more flexibility for requiring MFA when registering or joining devices to Azure AD. That new feature is the Register or join devices user action. This post will start with a short introduction about that new user action, followed with the steps to configure that user action. This post will end with a look at sign-in logs. Important: The Register or join devices user action is also the new recommended method for enforcing MFA when registering or joining a device …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
Leave a comment
USING SETUP ASSISTANT WITH MODERN AUTHENTICATION April 26, 2021 by Peter van der Woude This week is all about the support for a new authentication method when using Automated Device Enrollment (ADE). That new authentication method is Setup Assistant with modern authentication and is available for iOS/iPadOS devices running version 13.0 and later and for macOS devices running version 10.15 and later. Setup Assistant with modern authentication enables organizations to require authentication with Azure AD, including the ability to require MFA, and enables users to immediately use their device. This post provides an introduction to this new authentication method, followed with the steps to configure an enrollment profile with this new authentication method. This post ends with a quick look at the enrollment experience when using Setup Assistant with modern authentication. Note: At the moment of writingSetup Assistant …
Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
4 Comments
WORKING WITH SUPERSEDENCE RELATIONSHIPS FOR WIN32 APPS April 19, 2021 by Peter van der Woude This week is all about Win32 apps in Microsoft Intune. Last year I’ve written a lot about the different features of Win32 apps and now, starting with the 2102 service release of Microsoft Intune, there is a new feature for Win32 apps. That feature is the ability to create supersendence relationships between different Win32 apps. That relationship can be used to update a Win32 app to a newer version of the Win32 app, or to replace a Win32 app with a different version of the Win32 app. Actually, it can even be used to replace a Win32 app with a completely different Win32 app. This post will start with the theory of supersedence relationships for Win32 apps, followed with the steps to configure a supersedence …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
2 Comments
WORKING WITH EXPLOIT PROTECTION TO PROTECT DEVICES FROM BEINGEXPLOITED
April 12, 2021 by Peter van der Woude This week is all about Exploit Protection. An often overlooked security feature that is available in the Windows Security app, screaming for more awareness. Exploit Protection was originally introduced as one of the four main components of Windows Defender Exploit Guard (Exploit Guard). Exploit Guard itself was introduced as a major update to Microsoft Defender Antivirus, in Windows 10 version 1709, and was the successor of Enhance Mitigation Experience Toolkit (EMET). Actually, the Exploit Protection component contains the actual replacement functionality of EMET, and more. Nowadays Exploit Protection is part of the App & browser control section in the Windows Security app, but many configuration paths still refer to Exploit Guard. In this post I’ll start with an introduction about Exploit protection, followed with the …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
Leave a comment
STANDARDIZING AND SIMPLIFYING MANAGEMENT WITH WINDOWS 10 IN CLOUDCONFIGURATION
April 5, 2021 by Peter van der Woude This week is al about Windows 10 in cloud configuration (also known as cloud config). Cloud config is focused on standardizing and simplifying management for users with focused workflow needs and initially started as a documented set of recommended configuration settings. At that point in time, it was already known that eventually it would evolve to be more than just documentation. And it really did evolved. With the latest service updates to Microsoft Intune (2103), a new guided scenario is introduced that will walk the IT administrator through a few important variables and that will create all the earlier mentioned recommended configuration settings. This post will start with a quick introduction about cloud config, followed with the steps to walk through the guided scenario. This post …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
Leave a comment
GETTING STARTED WITH WINDOWS DEFENDER CREDENTIAL GUARD April 1, 2021March 29, 2021 by Peter van der Woude This week is again back to Windows. This week is all about Windows Defender Credential Guard (Credential Guard). Credential Guard is definitely not something new, it’s actually available since the beginning of Windows 10, but it’s still a little unknown and still not always used. A little awareness is on its place. Credential Guard uses virtualization-based security to isolate secrets and to make sure that only privileged access is allowed. That helps with preventing unauthorized access that can lead to known credential theft attacks, like Pass-the-Hash and Pass-the-Ticket. Besides awareness, there is also another new configuration location within Microsoft Intune that might be interesting. This post will start with a quick introduction about Credential Guard, followed with the steps to configure Credential Guard by using …Read more
SHARE THIS:
* Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Pocket (Opens in new window) * Click to share on Telegram (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Skype (Opens in new window) * Click to email this to a friend (Opens in new window) * Click to print (Opens in new window)*
Leave a comment
Post navigation
Older posts
Page1 Page2 … Page49Next →
AWARD
SUBSCRIBE TO UPDATES Provide your email address to subscribe to updates on this blog. Join 633 other subscribersEmail address
Subscribe
ADVERTISEMENTS
ABOUT
I’m
Peter van der Woude, born in 1983 and I’m living together with my wife and two sons in the Netherlands. I work at KPN and my main focus is the innovation of our modern workplace solution (using Microsoft Endpoint Manager). Peter van der WoudeFollowPeter van der Woude
@pvanderwoude
·
6h
Thank you all for the feedback so far and for volunteering to help! Just awesome! My Twitterfeed went bananas, so I might have missed some feedback or help. Keep in mind that it's nothing personal if I didn'trespond
#MEM #MEMpowered
#UpdateCompliance
#CommunityRocks
Peter van der Woude@pvanderwoude Thank you all for the feedback so far! Keep it coming! Next week I’ll verify the behavior with the coming patch Tuesday. If you’re using update compliance already and are willing to run some tests nextweek, let me know!
https://twitter.com/pvanderwoude/status/1400821579085455362 Reply on Twitter 1401426378487177218Retweet
on Twitter 1401426378487177218Like
on Twitter 140142637848717721811401426378487177218
Peter van der Woude
@pvanderwoude
·
18h
Any more feedback from the #MEM #MEMpowered community regarding update compliance and the information that you would like tosee?
Gabe Frost@bytenerd
@coaster_katy @pvanderwoude Beyond this great example, what's on yourwish list?
Reply on Twitter 1401245138962243596Retweet
on Twitter 1401245138962243596Like
on Twitter 14012451389622435961401245138962243596
Peter van der Woude
@pvanderwoude
·
5 Jun
Thank you all for the feedback so far! Keep it coming! Next week I’ll verify the behavior with the coming patch Tuesday. If you’re using update compliance already and are willing to run some tests nextweek, let me know!
Peter van der Woude@pvanderwoude Some Friday creativity, looking for feedback. Would you use a Workbook like this, integrated in #MEM and based on #UpdateCompliance for#Windows10? 2
Reply on Twitter 1401061848712163330Retweet
on Twitter 14010618487121633301Like
on Twitter 140106184871216333081401061848712163330
Peter van der Woude
@pvanderwoude
·
4 Jun
Some Friday creativity, looking for feedback. Would you use a Workbook like this, integrated in #MEM and based on #UpdateCompliancefor #Windows10
?2
Reply on Twitter 1400821579085455362Retweet
on Twitter 140082157908545536211Like
on Twitter 14008215790854553621151400821579085455362
Retweet on Twitter
Peter van
der Woude Retweeted
Courtenay Bernier
@mscloudinfra
·
3 Jun
June 2021 blog post: Deploy @MSIntune configuration policies on a schedule with @MSPowerApps and @MSPowerAutomate https://uem4all.com/2021/06/03/memscheduledpolicies Reply on Twitter 1400580402826207234Retweet
on Twitter 140058040282620723420Like
on Twitter 1400580402826207234491400580402826207234
Load
More...
RECENT POSTS
* Using filters for devices as condition in Conditional Accesspolicies
* Using filters for assigning apps, policies and profiles tospecific devices
* Enhance inventory reporting with local administrator information * Locating lost or stolen Windows 10 devices * Conditional access and registering or joining devices to Azure ADTAGS
ADFS Android
Android Enterprise
App
Configuration PoliciesApplications
Azure AD
Co-management
Collections
Company Portal
Compliance
Policy
Compliance Settings
Conditional Access
ConfigMgr
ConfigMgr 1511
ConfigMgr
2007
ConfigMgr 2012
Configuration BaselineConfiguration Item
Configuration Policy Device configurationDistribution Point
Intune
Management ExtensioniOS ipadOS
MAM-WE
MDM
MEM
Microsoft Endpoint
Manager
Microsoft Graph REST APIMicrosoft Intune
MVP
Office 365
OMA-DM
OMA-URI
Orchestrator 2012
Powershell SCCM
Software Updates
Task
Sequence
USMT 4.0 Win32
app Windows 7
Windows 10
Windows
AutoPilot
Windows
Phone 8.1
CALENDAR
June 2021
S
M
T
W
T
F
S
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
« May Â
© 2009 - 2021 PETER VAN DER WOUDE petervanderwoude.nl uses cookies to ensure that it provides you the best experience on this blog. By continuing to use this blog, you agree to their use. To find out more, including how to control cookies, see here: Cookie policy Send to Email Address Your Name Your Email Address Cancel Post was not sent - check your email addresses! Email check failed, please try again Sorry, your blog cannot share posts by email.Details
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0