In one of my last posts we took a closer look at how the Intune Management extension works and even looked behind the scenes directly into the code. In this post I have already mentioned the ClientHealthEval.exe and I would like to take a closer look into this.Read More »
Who does not know the situation when you come back from vacation and the computer wants to reboot after an update installation. However, it is extremely important from a security point of view that the system is always up to date. How about a solution that updates are always installed directly, but gives the user a little more time to read emails and reboot the device only when it fits for him. Another example is when a measurement or other process is running on the computer for several hours or days. Also here it would be really bad if a reboot interrupts this measurement. In this blog I show how you can delay the reboot after an update installation but still remind the user of the reboot and give him the chance to do it when it suits him.Read More »
Hello everyone, after several months of inactivity I would like to post regularly new content here on my blog. I start here with a topic which I have already blogged last year. This post is about how to restrict who can log on to on windows via Intune. Intune has a cool new feature that allows you to manage the members of local groups. In my previous blog I did this restriction with a configuration profile and put a AAD user into the local group via a custom profile and an OMA-URI. Now Microsoft has added a new CSP that allows you to do this in an much more elegant way. How to use this I explain now in this blog post.Read More »
A build in teams client is shipped with Windows 11. This client can only be used with a personal Microsoft account. This client is usually not welcome in corporate environments. How to remove this build-in client with the help of Intune I will show you in this blog post.Read More »
With Windows 11, microsoft take the decision that a TPM 2.0 (Trusted Platform Module) is mandatory to run windows 11. Due to this prerequisite, Windows 11 cannot be installed or upgraded on many computers. In this blog, we’ll look at what a TPM is, how to check if you have a TPM 2.0, and how to install Windows anyway.Read More »
Welcome to the third part of my blog series. In this blog series, I’ll give you a tour through the features that Microsoft Endpoint Manager offers us. In the last two blogs, we looked at the topics of device and application management. Today we would like to take a look at device security. The biggest goal companies have is to protect their devices and data from outsiders. Every day there are new attack methods or threats that companies need to protect against. MEM provides many features that use the power of the cloud to achieve this goal. At the center of this is Microsoft Defender for Endpoint.Read More »
According to the Gardner quadrant published on August 16, Microsoft is by far the leader in the area of unified endpoint management tools. Microsoft Endpoint Manager (MEM) has played a major role in achieving this clear ranking. MEM has grown more and more in recent years and has received more and more new functions. According to rumors, we can soon expect support for Chrome OS (source: twitter).
This blog is the first blog of a whole blog series. In this blog series, I want to give you a tour of all the features that Microsoft Endpoint Manager has to offer.Read More »
For many users, the centered taskbar in Windows 11 is unfamiliar. To make the transition a bit easier for users, we’ll take a look at whether there’s a way to align the taskbar to the left like in Windows 10.Read More »
With the Assignment Filter a possibility was added to intune to make assignments more comfortable. This feature was first available for configuration profiles and then for apps. With the service release 2107 Intune has enabled the assignment filters also for update rings.
What are assignment filters and how can you use them for the update ring assignemnts I will show you in this blog.Read More »
Many companies have not only a standard service, where not all PCs have the same configuration profiles, standard apps,… have. Specialized services are often needed to meet the needs of different business areas. You can copy the configuration profiles and give them the name of the service so you know which policy belongs to which service or you can use the policy sets to build own services.Read More »