After reading a question on (yes I know) a Facebook group about how to monitor Applocker on AADJ devices, I realised I didn’t have a blog about this topic…So here we go! In this blog, I am going to show you why you could use Azure Log Analytics as a basic Applocker monitoring solution and of course how to setup it up step by step. I am going to divide this blog into multiple parts What is Azure Log Analytics…
This blog will show you when you are deploying the Microsoft 365 Apps from Intune why teams sometimes is being installed in the Programdata folder and other times in the user’s localappdata folder and why the teams update functionality could break. I am going to split this blog into 2 parts. First, some background information about the two installations options you have and the second part will be about the issue itself and how to solve it. Installations options: Before…
This short blog will be about why baselines are very important and why you need to keep them up to date. I am not talking about security baselines this time. What I will be talking about, is the app baseline you need to deploy to your users Windows 10 devices to make sure users can install apps on their own. Itβs best practice to implement adminless. *Source: Microsoft Vulnerabilities Report 2021 | BeyondTrust (great report!!) Of course, nowadays users are…
This short blog will be about, why users donβt need admin permissions to delete the public desktop icons. There are not a lot of reasons why your Azure Ad users need to be local admins on their devices. You can do a lot even without admin permissions. To summon a few: -Restarting services can be done without local admin permissions The non admin user: The battle of restarting services – Call4Cloud -Installing applications The PowerShell Win32 App Express – Call4Cloud -Installing…