With windows 11, the hardware requirements have been increased. It is no longer possible to start a Windows 11 machine in Hyper V without additional settings. What you need to do to run Windows 11 in a VM I explain in this blog post.
Read More »
Month: May 2022
Adding a Certificate to Trusted Publishers using Intune
Microsoft has described in a blog post (Adding a Certificate to Trusted Publishers using Intune) how to create a custom config profile to get a certificate into the trusted publisher store. Since there are several manual steps to read the thumbprint from the certificate and encode it to a base64 string I wrote a script that does all this for you and automatically creates a new configuration policy.
Read More »
Delay Windows Update pending reboot with toast notification
Who does not know the situation when you come back from vacation and the computer wants to reboot after an update installation. However, it is extremely important from a security point of view that the system is always up to date. How about a solution that updates are always installed directly, but gives the user a little more time to read emails and reboot the device only when it fits for him. Another example is when a measurement or other process is running on the computer for several hours or days. Also here it would be really bad if a reboot interrupts this measurement. In this blog I show how you can delay the reboot after an update installation but still remind the user of the reboot and give him the chance to do it when it suits him.
How to write from a Toast Notification in Log Analytics Workspace
It is useful after triggering a remediation action or for simply getting feedback from the user/customer to have a kind of survey. Contacting them by mail usually results in very poor response rates. It is much better to contact him directly via a popup. How you can implement this with the help of a Remediation script and write the response in a Log Analytics workspace I will explain in this blog post.
How to backup and restore the Registry
When I try something out or develop something new I don’t always do this in a VM, I use directly my productive system (I wouldn’t recommend it but I do it anyway). But by changes in the registry you can bring the PC in such a state that you have to set it up again. To avoid this, I look at this blog a way to create a backup of the registry and this can be restored at a later date.
Read More »
How to restrict the login to dedicated users with intune – Part 2
Hello everyone, after several months of inactivity I would like to post regularly new content here on my blog. I start here with a topic which I have already blogged last year. This post is about how to restrict who can log on to on windows via Intune. Intune has a cool new feature that allows you to manage the members of local groups. In my previous blog I did this restriction with a configuration profile and put a AAD user into the local group via a custom profile and an OMA-URI. Now Microsoft has added a new CSP that allows you to do this in an much more elegant way. How to use this I explain now in this blog post.
Read More »
Modern Device Management 