How to put a “Request Remote Assistance” icon on users desktop in Windows 8 or 8.1

Currently Windows Intune does not support Remote Assistance Invitations (requests) to be sent on Windows 8 using Windows Intune Center. However, you can achieve a similair solution using the power of Group Policy. This method will provide end users with a desktop icon which, when clicked, generates a request for asssistance. An e-mail is composed…

14

Android Company Portal for Windows Intune released

As of today you can find the Android Company Portal for Windows Intune in the Google Play store. https://play.google.com/store/apps/details?id=com.microsoft.windowsintune.companyportal Use the Company Portal to enroll a device to Windows Intune, afterwards the administrator will be able to: Erase all data, including a factory reset Change the screen-unlock password Set password rules Monitor screen-unlock attempts Lock…

1

After enabling AD Federation Service (ADFS) you are being refered to your internal domain

After entering your federated domain account in a browser, are you being redirected to your internal domain name (e.g. adfs.contoso.local) instead of public domain name (e.g. adfs.publicdomain.com)? RDP to your ADFS server Install and open the Windows Azure Active Directory Powershell, for more details see this blog post Execute “Get-MsolFederationProperty –DomainName” with your external domain…

4

Replace certificates on ADFS 3.0

In my test environment I wanted to replace self-signed certificates with publicly trusted ones. Follow these steps if you want to achieve the same: RDP to your ADFS 3.0 server Import the new certificate to the Machine’s Personal Store Make sure you have a private key that corresponds to this certificate. If not, go to…

29

Test Workplace Join with a self-signed certificate

If you want to test Workplace Join with a self-signed certificate, you might encounter this error: “Confirm you are using the correct sign-in information and that your workplace uses this feature. Also, the connection to your workplace might not be working at the moment. Please wait and try again.” Please note that the next step…

3

Error when trying to install Windows Azure Active Directory Module for Windows PowerShell

Error: “In order to install Windows Azure Active Directory Module for Windows PowerShell, you must have Microsoft Online Services Sign-In Assistant version 7.0 or greater installed on this computer.” Install the Microsoft Online Services Sign-In Assistant for IT Professionals BETA using this link. Now install the Windows Azure Active Directory Module for Windows PowerShell again,…

26

Upgrade System Center Configuration Manager SP1 to R2

In order to benefit from R2 enhancements, it’s recommended to upgrade your ConfigMgr SP1 installation . Follow these steps minimize problems: Double check you are currently running ConfigMgr SP1, the CU update level is not relevant. Backup your current SQL database(s) Disable antivirus on your ConfigMgr server (Forefront Endpoint Protection can be left enabled) Uninstall…

1

Using Workplace Join and a Web Application Proxy

In order to have Workplace Join working, double-check the following: Outside of your company network (aka “the internet”) Ping “enterpriseregistration.yourpublicdomain.com”, it should resolve to the IP of your Web Application Proxy. If case no IP is resolved, edit your public domains DNS zone and add a CNAME “enterpriseregistration” pointing to your Web Application Proxy servername….

2

The connection to adfs.domain.com Active Directory Federation Services 2.0 server failed due to invalid credentials

Are you getting a “failed due to invalid credentials” in PowerShell when executing Set-MsolADFSContext? PS C:\Windows\system32> Set-MsolADFSContext -Computer adfs.intune-demo.com Set-MsolADFSContext : The connection to adfs.publicdomain.com Active Directory Federation Services 2.0 server failed due to invalid credentials. Try the following: Start Windows PowerShell as an administrator and set up Windows PowerShell for remoting by typing Enable-PSRemoting…

1

“Device Registration Service is not in a valid configuration state”

After running AdfsDeviceRegistration you might encounter this error: PS C:\Users\pieter.CONTOSO> Enable-AdfsDeviceRegistration Enable-AdfsDeviceRegistration : Device Registration Service is not in a valid configuration state. Service account CONTOSO\ADFSUserAccount$ does not have the required access on CN=DeviceRegistrationService,CN=Device Registration Services,CN=Device Registration Configuration,CN=Services,CN=Configuration,DC=contoso,DC=com. Ensure that the service account is granted all rights except Write DACL, Write owner, and Extended write,…

7