Browsed by
Category: Intune

Microsoft Edge: And the Fantabulous Security of One Browser

Microsoft Edge: And the Fantabulous Security of One Browser

This time a simple blog about creating an Edge baseline with the settings catalog (and administrative tools) and deploy it with PowerShell. While writing this blog, I decided to also add some information on how you could retrieve and push settings with PowerShell. In the blog, I am also pointing out my updated blog about Fiddler I have created a lot of blogs about securing your endpoints, securing your data, securing your Microsoft 365 but I have not talked about making…

Read More Read More

The Windows Driver Games

The Windows Driver Games

This blog will about what options you have when you need to deploy drivers while using Intune. I received a private message on the Technet community asking me to help out with some driver installation problems.  There were 100 devices that needed a WLAN driver update.   The devices had the build-in Microsoft Driver installed and for some reason, they need the have the Intel driver from 2020 installed. I guess I forgot to ask why? So what options do…

Read More Read More

The Texas Chain Saw Bitlocker Remediations

The Texas Chain Saw Bitlocker Remediations

This blog will be about some pro-active remediations and Intune Role Assignments to make sure your service desk can help your users when they need to enter the Bitlocker recovery key and nothing more. I was inspired to check if I can come up with an idea to solve this problem (until Microsoft comes up with a solution) What admin role grans permission to view devices’ bitlocker recovery keys? – Microsoft Tech Community So why not using proactive remediations to…

Read More Read More

The LAPS: Reloaded / Revolutions

The LAPS: Reloaded / Revolutions

First, A shout out to Peter Rising | LinkedIn for delivering the blog title. We had a nice movie discussion, which movie is better: Terminator 1 and 2…. We also talked about the Matrix… Guess where the blog name came from. This blog will be about an Idea I had to use proactive remediations to create a sort of LAPS (Local administrator password solution). I have mentioned it a lot, you will need to make sure your end-users do not…

Read More Read More

The Darjeeling Gps Named Locations

The Darjeeling Gps Named Locations

This blog will be about my test drive with the named location preview based on the GPS location. I hoped this new feature could add some more security.  First I will explain what I wanted to accomplish. I was under the impression I could create a new conditional access policy, just like a conditional access policy where you block all countries except the countries in the “allow list” I wanted to add some security when a user uses a browser…

Read More Read More

Drive Letters: The Demon Barber of Sharepoint Street

Drive Letters: The Demon Barber of Sharepoint Street

This blog will show you how you could map some drive letters to a SharePoint site with a CSP. In one of my latest blogs, I showed you why you don’t necessarily need to hybrid join your devices to get an SSO to your on-premise file servers and legacy apps. I even showed you how you could map Drive letters by using a CSP in Intune. Like I showed you in an earlier blog ”DBD”:  Devices Before Data. You need…

Read More Read More

IMECache: Attack of the Cleaner

IMECache: Attack of the Cleaner

This blog will show you what happens when you are trying to install a Win32app which is deployed by serviceui.exe and how to troubleshoot errors.  Of course, I will show you how to solve a particular problem. I will divide this blog into 5 parts Describing each phase and where to find it in the log Background info about Serviceui.exe The problem itself Troubleshooting the Problem The Solution 1.Win32 App IME installation phases When you want to monitor or troubleshoot…

Read More Read More

Three Intune Power Settings outside Ebbing Missouri

Three Intune Power Settings outside Ebbing Missouri

This short blog will be about some new long-awaited Intune Power Settings. I guess everyone knows this problem. How to make sure your hard disk is not going to take a nap after some idle time? I am going to divide this blog into 2 parts. In the first part, I will show you which options you had until now. The second part will be about how we could do it in the future. Until now: Until now, you hadn’t…

Read More Read More

The Sysnative Witch Project

The Sysnative Witch Project

An old one, but still necessary when you are deploying a win32 app and you have to make sure some 64 bits registry keys are configured before you could install the application. I was inspired to write this blog after a question on the Technet community website about this topic. In this blog, I will first show you the differences where data is stored on a 64 bits device and secondly I will show you why deploying a 64 bits…

Read More Read More

Alice and the Device Certificate

Alice and the Device Certificate

This blog will show you how to start troubleshooting when some features of the company portal aren’t working anymore. Some features that stopped working were: App installations and syncing problems. While troubleshooting, it really took me down into the rabbit hole. In one of my last blogs, I showed you which steps you could take to implement Adminless and how to make sure the end-user experience is still great. Dude, Where’s my Admin? – Call4Cloud Almost at the same time,…

Read More Read More