Microsoft has released a number of powershell sample script on github. After playing around with them for a bit I have found some cool and powerful use cases that I want to share. The first one is about creating and reusing compliance policies across multiple customer tenants.
After 3 days at Experts Live in Berlin, my speaker duties are finished. This conference was pretty new to me and I would like to share my experiences. I have delivered 4 contributions to this great conference, 2 sessions where I have been talking about Microsoft Intune, Azure AD, Conditional Access and Windows 10 Modern IT and 2 discussion panel session talking about much of the same stuff 🙂
This is going to be a short blogpost on the updated experience on what it looks like for a user doing a out of the box Azure AD Join in the Anniversary Edition of Windows 10. There is a few and cool new things giving the user a much better experience.
One thing to notice is that Convenience Pin is disabled by default for Domain Joined or Azure AD Joined machines. Read on to learn how this affects the users.
Businesses are investing a lot in securing access to company resources but still achive a good and simple user experience around accessing those resources. Haven’t we all strugled to actually get access to the corporate WIFI which has been secured with certificates? Or what about strugling with changing password on all devices to get e-mail flowing again after we have changed the password on our work computer.
This can all be made easier with provisioning users with a certificate on the mobile device. With the certificates provisioned to the user on the device, we can also provision wifi-profiles, vpn-profiles and even e-mail profiles for on-prem exchange without the user needing to provide a password to connect to it.
I had planned to write a blogpost on this since this feature first was announced a while ago.
Everyone that has worked with Microsoft Intune up until recently know that Device Grouping in Microsoft Intune basically has been useless as you had to manually move devices into groups after enrollment. Continue reading
Since Microsoft released support for Windows 10 management through Intune we have been able to manage the settings for Defender through custom OMA-URI settings in the Intune portal. The experience around this har been OK, but not optimal.
In the latest update release for Intune it is now possible to manage all settings for Windows Defender directly from the General Windows 10 Policy template. In this blogpost I will show how this new feature work. Continue reading
In my previous blogpost Intune: Upgrade Windows 10 Edition to Enterprise I was telling how you can configure Microsoft Intune to upgrade your PC’s from Pro to Enterprise Edition. This blogpost is going to show the user experience on how the upgrade itself works from a user perspective with screenshots and explanations. Continue reading
For a while now we have been waiting for the integration between Windows Store for business and Microsoft Intune. This integration will allow you to deploy purchased or free apps from the Windows Store through the Intune admin console. This blogpost is a simple guide on how to set up this integration and deploy your first app. My example is going to use the Intune Company Portal app as an example. Continue reading
For a while now, Microsoft has been talking about the opportunity to upgrade from Pro to Enterprise Edition of Windows 10 from Intune. The same is for upgrading to Education Edition if you are a School. Finaly this feature has now come to Intune. This means you can upgrade your devices by simple joining them to Azure AD Continue reading
I have been working with setup of MFA required for enrollement in Intune abit lately and have discovered a couple of things that is not really explained well in the Intune console/documentation.
Enrollment of devices in Intune will in most cases also trigger a device registration in Azure AD. This registration in Azure AD can easily be connected to a MFA requirement by just configure your Azure AD to require MFA for device registration. But this does not apply to all scenarios, so in this blogpost I am going to go into each plattform and explain what happens during enrollment and how the MFA is triggered. I will also cover different options for enrollment of Windows 10 Mobile. Continue reading