Some weeks ago I blogged about what options you had when you need to remotely collect Logs from your Azure ad Joined devices. The Log Collector – Call4Cloud Remotely collect Azure Ad Logs Some time ago I noticed a new feature which was in development. I am very pleased to see this new functionality is ready for preview and it’s very easy to use! I love it. You only need to press the 3 dots when you have selected the…
Imagine the next scenario: You have a customer with the need for Microsoft 365 Apps but some of the employees need the 32-bit apps instead of the 64 bits apps. How are you going to make sure all new and some existing devices will get the version of the Office 365 Apps they need. I couldn’t find much information about deploying 64 bits and 32 bits Office apps and how to make sure the proper device would get the right…
This blog will be about the new settings catalog and some background info from the client’s perspective. The possibility to configure settings by simply selecting the settings with a GUI instead of manually creating your own custom-made settings (Configuration Service Provider) can be great. I am not going to show you how to manually create this new settings catalog, Microsoft does a very good job in explaining it. Create a policy using settings catalog in Microsoft Intune – Azure |…
This short blog will be about a setting that still can cause problems. Fast startup was introduced in Windows 8 and is turned on by default if applicable. I totally forgot about this setting when deploying the modern workplace. It’s really nice your device has a fast startup, but it has some cons when you have configured Windows update like stated in step 6 from the Windows 10 in cloud configuration guide. Windows 10 in cloud configuration (microsoft.com) These steps…
Everything is about Zero trust security, you will need to implement it. There are a lot of articles written about zero-trust security the last few months. Some examples: Zero Trust Security (microsoft.com) Take the Zero Trust Assessment (microsoft.com) How to best explain zero trust? It’s like the quote of Ronald Reagan but just with one additional word: Never trust, but verify Zero trust ensures, identities are verified and devices are safe before you can access your corporate apps and data….
The past year I blogged a lot about securing and monitoring your devices. Of course, Microsoft 365 E5 is the way to go when you want to maximize your security, but for the SMB the license can be too expensive. For these customers, Microsoft 365 business premium is the best choice. But when you choose Microsoft 365 Business premium you can’t make use of the advanced security features. Of course, by now you have implemented adminless and AppLocker on your…
This short blog will be about what to do when you have locked yourself out of your device when implementing Intune Applocker device configuration policies. Some time ago I blogged about how a not configured DLL rule can break your devices. The Appocker Dilemma – Call4Cloud At that time, just changing the Applocker device config inside Intune did the job. But what if the new Applocker policy just won’t sync to the device and the old policies still apply. At…
Using Autopilot will give you a lot of benefits, especially when combining it with White Glove. When you have got new devices, you are good to go but when you want to enroll existing “older” devices into Autopilot White Glove you can run into some problems. When we were enrolling a lot of new devices at a customer site no problems were encountered, because we previously enrolled them with Autopilot White glove. After our work was done, the customer asked…
This blog will be about what kind of problems you can run into when you have multiple customers inside one active directory and you want to provide them SSO with Office 365. Making use of modern authentication in combination with SSO can provide you with a very good user experience, except when you don’t have the option to use single sign-on. Take a look at this scenario: You are a hosting provider You have one big multi-Tenant Active Directory You…
I was mentioning in my latest blog, I would show how you can automate the company apps deployment, but first I would like you to show something brand new. This blog will be about how to prevent some files to be uploaded with Onedrive and not using the Onedrive admin center Excluding extensions in the Onedrive admin center was the way to go to make sure some files are not synced with Onedrive. Of course, you don’t want certain files…