The more clients are managed in your tenant and the more people have contributor rights in your tenant, the more important it becomes to have good release management processes. In this blog post I would like to introduce you to my Intune CI pipeline that allows you to transfer configurations from one tenant to another. This offers the possibility that only a small number of administrators have access in the Prod tenant and all others create configurations in a Dev tenant and these are then transferred to the Prod tenant via a DevOps pipeline.Read More »
With the introduction of Assignments filter, the value of Applicability rules has diminished. With Applicability rules you could define on which OS versions a Configuration Profile should work. Unfortunately, the ability to configure or delete applicability rules for some configuration profile types from the console has also been removed. It is to be expected that this can happen piece by piece also for further types. In this blog I want to show you how you can easily remove all applicability rules to switch to filters as soon as possible.Read More »
In your environment you have multiple groups to create assignments of an app or a configuration profile. If you later realize it would be better if this was not a device group but a user group, it is hard to change this without the user having an impact or you have big efforts. I have written a script that you can convert a user group into a device group or a device group into a user group based on the user assigned to a device or based on the devices assigned to the user.Read More »
In one of my blog posts (Delay Windows Update pending reboot with toast notification) I have already described how to give the user more flexibility in deciding when he wants to reboot his device but still remind him regularly. In this blog I want to explain you how to configure the system notification of Windows Update for business. The reason for this blog is a question in the Microsoft tech community.Read More »
Quick assist was a cool windows out of the box tool that can get or provide PC support via a remote connection. Because Quick Assist is a pre-installed app in Windows, it can also be used to provide support during setup via e.g. Autopilot. The experience for the user was really easy. You have to only read out a 6 character code from the client and type in on the quick assist app on the supporter site.
But this will be changed quick assist will not be longer a build-in tool in windows. Microsoft posted on April 27, 2022 in the Windows Insider blog that Quick assist will only be available via the Windows Store in the future and that support for the old client will end. So, if you want to continue using Quick assist in the future, you will have to install it from the Windows Store.
However, there are several problems here. The first problem is that the installation of Quick assist from the Windows Store requires admin rights. This is not always the case in a professionally managed business environment where users also have admin rights on their PC. The second problem is that if you are using Windows LTSC there is no Windows Store to get quick assist from. And user getting a error messages about missing WebView2 runtimes.
How you can solve this problem I will show you today in this blog.Read More »
Hello everyone, after several months of inactivity I would like to post regularly new content here on my blog. I start here with a topic which I have already blogged last year. This post is about how to restrict who can log on to on windows via Intune. Intune has a cool new feature that allows you to manage the members of local groups. In my previous blog I did this restriction with a configuration profile and put a AAD user into the local group via a custom profile and an OMA-URI. Now Microsoft has added a new CSP that allows you to do this in an much more elegant way. How to use this I explain now in this blog post.Read More »
After we have looked at the three categories of Device Management, Application Management and Endpoint Security, this blog will follow with the Reporting section of MEM. Thanks to everyone who read the preceding blogs and gave me feedback. But it’s not over with very powerful and helpful features in MEM. Also in the reporting section you will find features that can make your daily work easier as an administrator and with which you can greatly increase the user experience. With Endpoint Analytics there is a very powerful feature which is continuously developed and improved. But let’s take a closer look at it below.Read More »
According to the Gardner quadrant published on August 16, Microsoft is by far the leader in the area of unified endpoint management tools. Microsoft Endpoint Manager (MEM) has played a major role in achieving this clear ranking. MEM has grown more and more in recent years and has received more and more new functions. According to rumors, we can soon expect support for Chrome OS (source: twitter).
This blog is the first blog of a whole blog series. In this blog series, I want to give you a tour of all the features that Microsoft Endpoint Manager has to offer.Read More »