Check Autopilot enrollment prerequisite

Everyone who has enrolled a few devices with autopilot in his life and has encountered errors knows the problem that it can quickly be very cumbersome to find the problem why an enrolment fails. Especially when it comes to network endpoints that are not reachable it can be very time consuming to find them. To enroll a device with autopilot there are also some prerequisites that have to be fulfilled. To check this before the enrollment I have created a script that helps you to check these requirements.

Read More »

Remove the primary user from Intune devices with powershell (Switch to shared device)

If an Intune device is not enrolled as a shared device or kiosk device, it always has a primary user. This creates a relation between the device and the user. This user is also used to license the device. This user only has the possibility to see this device in the company portal / company portal website and trigger certain self service actions. Also, while troubleshooting, an Intune admin can select this user in the Troubleshooting + support menu in Intune and directly see their devices.

The primary user is automatically added after the the enrollment of an intune managed device. It is possible to change the user to an other or remove this user to switch the device into a shared device.

Read More »

The ultimate MEM tour part 3 – Endpoint Security

Welcome to the third part of my blog series. In this blog series, I’ll give you a tour through the features that Microsoft Endpoint Manager offers us. In the last two blogs, we looked at the topics of device and application management. Today we would like to take a look at device security. The biggest goal companies have is to protect their devices and data from outsiders. Every day there are new attack methods or threats that companies need to protect against. MEM provides many features that use the power of the cloud to achieve this goal. At the center of this is Microsoft Defender for Endpoint.

Read More »

The ultimate MEM tour part 1 – Devices

According to the Gardner quadrant published on August 16, Microsoft is by far the leader in the area of unified endpoint management tools. Microsoft Endpoint Manager (MEM) has played a major role in achieving this clear ranking. MEM has grown more and more in recent years and has received more and more new functions. According to rumors, we can soon expect support for Chrome OS (source: twitter).

This blog is the first blog of a whole blog series. In this blog series, I want to give you a tour of all the features that Microsoft Endpoint Manager has to offer.

Read More »

Use assignment filter for the update ring assignment

With the Assignment Filter a possibility was added to intune to make assignments more comfortable. This feature was first available for configuration profiles and then for apps. With the service release 2107 Intune has enabled the assignment filters also for update rings.

What are assignment filters and how can you use them for the update ring assignemnts I will show you in this blog.

Read More »

Policy sets – a cool feature

Many companies have not only a standard service, where not all PCs have the same configuration profiles, standard apps,… have. Specialized services are often needed to meet the needs of different business areas. You can copy the configuration profiles and give them the name of the service so you know which policy belongs to which service or you can use the policy sets to build own services.

Read More »

Setup an Modern Kiosk PC

In this blog post I want to explain how to set up a Modern Kiosk PC. There are many use cases in companies where you don’t want to give the user complete access to Windows. Only one or selected applications should be allowed. Typical use cases would be:

  • a device that plays a video in a sales room
  • a device that is used for training of an application
  • a terminal where someone can give feedback

and many more…

Read More »