Windows 10 Azure AD Join build 1607

This is going to be a short blogpost on the updated experience on what it looks like for a user doing a out of the box Azure AD Join in the Anniversary Edition of Windows 10. There is a few and cool new things giving the user a much better experience.

One thing to notice is that Convenience Pin is disabled by default for Domain Joined or Azure AD Joined machines. Read on to learn how this affects the users.

Continue reading

Configure PFX Certificate Profile distribution in Microsoft Intune

Businesses are investing a lot in securing access to company resources but still achive a good and simple user experience around accessing those resources. Haven’t we all strugled to actually get access to the corporate WIFI which has been secured with certificates? Or what about strugling with changing password on all devices to get e-mail flowing again after we have changed the password on our work computer.

This can all be made easier with provisioning users with a certificate on the mobile device. With the certificates provisioned to the user on the device, we can also provision wifi-profiles, vpn-profiles and even e-mail profiles for on-prem exchange without the user needing to provide a password to connect to it.

Continue reading

Preview: First look at Windows Defender Advanced Threath Protection

Windows Defender Advanced Threat Protection (ATP) is a new service from Microsoft that will enable you to monitor and detect, investigate and respond to attacks on their environment. AP is not replacing your antivirus program, but adding a post-breach layer to the Windows 10 Security Stack.

Windows Defender ATP is using client-side sensor technology that is built into Windows 10 (Anniversary Edition) and a cloud service that is using advanced machine learning and telemetry date to help you investigate the breach and offers you response recommendations. Continue reading

Windows 10: Managing Windows Defender With Intune

Since Microsoft released support for Windows 10 management through Intune we have been able to manage the settings for Defender through custom OMA-URI settings in the Intune portal. The experience around this har been OK, but not optimal.

In the latest update release for Intune it is now possible to manage all settings for Windows Defender directly from the General Windows 10 Policy template. In this blogpost I will show how this new feature work.  Continue reading

User Experience: Upgrade your PC’s to Windows 10 Enterprise by joining Azure AD

EdUpgr000

In my previous blogpost Intune: Upgrade Windows 10 Edition to Enterprise I was telling how you can configure Microsoft Intune to upgrade your PC’s from Pro to Enterprise Edition. This blogpost is going to show the user experience on how the upgrade itself works from a user perspective with screenshots and explanations.  Continue reading

Microsoft Intune: Integrate Windows Store for business

BusinessStore000

For a while now we have been waiting for the integration between Windows Store for business and Microsoft Intune. This integration will allow you to deploy purchased or free apps from the Windows Store through the Intune admin console. This blogpost is a simple guide on how to set up this integration and deploy your first app. My example is going to use the Intune Company Portal app as an example.  Continue reading

AzureAD Domain Join – Add user to local adminstrator group

 

There is a issue on Azure AD Domain joined machines if you want to add AzureAD users to a local group. Lets say you want to enable a user to log on remote to a AzureAD joined machine or you want to add users to the local administrators group. The GUI doesn’t support this at all because you are not able to check for users in the cloud.  Continue reading