Windows Autopilot – check those logs…

Windows Autopilot is a Windows 10 feature that enables organizations to pre-register devices either through an OEM or manually.  When users receive a Windows 10 device that is registered with Autopilot and turn it on, they’ll walk through a streamlined and customized out of box experience (OOBE).  In summary, Autopilot helps to reduce the costs…

0

Add Windows Defender Browser Protection to Chrome with Intune

I recently read a really great post by Martin Bengtsson about utilizing Configuration Manager (SCCM) to force installation of the Windows Defender Browser Protection extension for Chrome. So I decided to take a different approach and deploy the extension utilizing a PowerShell script deployed through Microsoft Intune. To learn more about the Windows Defender Browser…

0

Windows 10 Group Policy vs. Intune MDM Policy who wins?

  When I speak with organizations about managing Windows 10 devices with Microsoft Intune there is a concern about disruption of current projects to deploy new OSs, patches, etc.  When moving to Intune for managing Windows devices, Intune will leverage the built-in MDM agent vs. having to install another agent to manage Windows 10 devices….

0

Windows Information Protection – adding the Intune Company Portal for Windows as an exempt app

  Organizations using Windows Information Protection (WIP) may experience issues accessing the Intune Company Portal app.  Fortunately, exempting Intune Company Portal app and any other application from a WIP policy is straight forward.   To learn more about creating Windows Information Protection policies please visit: https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-mam-intune-azure     Let’s get started   By exempting an…

0

Windows update compliance – Querying Azure Log Analytics data using PowerShell

  With the abundance of data across services it’s important to have a method (API) to access the data for export.  Most organizations I speak with have some sort of SIEM to aggregate data and analyze it for informational and alerting purposes.  Microsoft also offers a service called Microsoft Operations Management suite and within that…

0

Microsoft Flow and Azure AD – let’s automate!

  When I speak with organizations we often discuss scenarios such as having an onboarding process that is in need of a front-end utility and automation.  Many organizations have cloud services and on premises applications where the user onboarding process in some cases is still a manual procedure.  To assist with these processes and many…

0

Regulations and data management in a hybrid world

  I speak with a lot of organizations and often they’re interested in locating, tagging, and controlling data for various reasons such as legal, regulatory, or protecting personal and proprietary information. However, there’s one regulation that keeps popping up and it’s the new EU General Data Protection Regulation or GDPR.  GDPR will be enforced on…

0

Azure AD Connect Pass-Through Authentication – tracking sign-on activity with event viewer and Microsoft OMS

  Quick post today around Active Directory sign-on auditing when using AAD Connect Pass-Through Authentication.   Azure AD Connect Pass-Through Authentication (PTA) provides the ability to pass authentication off directly to domain controllers. When passwords are reset or changed they’re reflected in Azure AD immediately via Azure AD Connect sync. Additionally, self-service password reset (SSPR)…

0

Windows Information Protection Explained – Windows 10 Creators Update

  With the release of Windows 10 Creators Update there have been many enhancements to Windows 10. For this post, I’ll focus on an expanded feature that is only available in version 1703 (i.e. Creators Update). In Windows 10 version 1607 we released Windows Information Protection where devices that are enrolled with Microsoft Intune (or…

0

Azure AD Geolocation by sign-in activity using Power BI

  If you’re an Office 365 customer or even an Azure customer then you’re probably familiar with Azure Active Directory (or Azure AD).  Azure AD is the core identity provider that the majority of Microsoft services rely on for authentication.  For today’s post I thought it would be interesting to pull sign-in activity into Power…

0