Some weeks ago I blogged about what options you had when you need to remotely collect Logs from your Azure ad Joined devices. The Log Collector – Call4Cloud Remotely collect Azure Ad Logs Some time ago I noticed a new feature which was in development. I am very pleased to see this new functionality is ready for preview and it’s very easy to use! I love it. You only need to press the 3 dots when you have selected the…
This blog will be about the new settings catalog and some background info from the client’s perspective. The possibility to configure settings by simply selecting the settings with a GUI instead of manually creating your own custom-made settings (Configuration Service Provider) can be great. I am not going to show you how to manually create this new settings catalog, Microsoft does a very good job in explaining it. Create a policy using settings catalog in Microsoft Intune – Azure |…
This short blog will be about a setting that still can cause problems. Fast startup was introduced in Windows 8 and is turned on by default if applicable. I totally forgot about this setting when deploying the modern workplace. It’s really nice your device has a fast startup, but it has some cons when you have configured Windows update like stated in step 6 from the Windows 10 in cloud configuration guide. Windows 10 in cloud configuration (microsoft.com) These steps…
It’s very nice to see, Microsoft is working on some new features. One of the features which are in development is the possibility to collect remote logs. Source: In development – Microsoft Intune | Microsoft Docs Also look at the possibility to restart an app install!. That’s great. But as these features are in development, we don’t have the option to collect logs remotely. Luckily Solarwinds has a remote background feature, which allows you to gather some event logs remotely….
This blog will be about the Bitlocker recovery key and some proactive remediation (and some background information about how it works) Bitlocker is one of the many security measures you will need to implement to make sure the data is safe when a device is stolen. One of the downsides are the support tickets that could be created when a user simply does not remember their password anymore and tried it too many times. Luckily in a normal situation, you…
Different week, different use case. This blog will be about the impossibility of having GMAIL as your Email client in combination with android work profiles and Conditional Access. Why not using Outlook? That’s indeed a very good question, as Gmail is also not an approved app. I guess users are just used to work with the Gmail app. They prefer the Gmail calendar notifications instead of the Outlook calendar notifications. Of course, we advised to start using Outlook, but the…
This blog will be about why it’s important to automate your Microsoft 365 deployments. Today I was called in to investigate a weird problem. A colleague was trying to set up Intune for a new Microsoft 365 customer. In a normal situation we are doing this by launching our deployment scripts but this time a new colleague wanted to see which steps need to be taken to enroll a customer into Microsoft 365. Everything was going fine until the enrollment…
This short blog will be about, why users don’t need admin permissions to delete the public desktop icons. There are not a lot of reasons why your Azure Ad users need to be local admins on their devices. You can do a lot even without admin permissions. To summon a few: -Restarting services can be done without local admin permissions The non admin user: The battle of restarting services – Call4Cloud -Installing applications The PowerShell Win32 App Express – Call4Cloud -Installing…
Everything is about Zero trust security, you will need to implement it. There are a lot of articles written about zero-trust security the last few months. Some examples: Zero Trust Security (microsoft.com) Take the Zero Trust Assessment (microsoft.com) How to best explain zero trust? It’s like the quote of Ronald Reagan but just with one additional word: Never trust, but verify Zero trust ensures, identities are verified and devices are safe before you can access your corporate apps and data….
This short blog will be about what to do when you have locked yourself out of your device when implementing Intune Applocker device configuration policies. Some time ago I blogged about how a not configured DLL rule can break your devices. The Appocker Dilemma – Call4Cloud At that time, just changing the Applocker device config inside Intune did the job. But what if the new Applocker policy just won’t sync to the device and the old policies still apply. At…