Author: Thomas Kurth

Intune
Thomas Kurth

Updated Automatic Intune Documentation Script

Today I had time to improve the Intune Documentation PowerShell Module. This new release brings the following benefits: Bugfix: All ADMX settings are now correctly displayed Assignments of various elements like Scripts, ADMX, Enrollment Status Page and Windows Hello for Business are now documented Section “Enrollment Status Page” renamed to “Enrollment Configuration” because it contains also WHfB, Enrollment Restrictions, ESP, and Enrollment Limits.  Configuration Profiles are now loaded from the Beta Graph API. Therefore, much more types are returned. For example the Domain Join configuration is now part of the documentation. Since

Read More »
Intune
Thomas Kurth

Extended Windows Autopilot Companion App

The last weeks I had time to play a little bit more with Windows Autopilot especially White-Glove and the Companion App example from Microsoft.  First of all, one of the bad things is, that the app is not published to an Store. But I hope I can change that in

Read More »
General
Thomas Kurth

Why is the modern and secure workplace my focus?

From time to time it’s good to not only write technical blogs, today there was one of these days. I always ask my self what is the value of my work? Especially why the modern and secure workplace is in my focus? In this blog I try to share why

Read More »
Intune
Thomas Kurth

Added ADMX backed Policy to Automatic Intune Documentation Script

I just had time to add new objects to the Intune documentation which makes your documentation much more complete. This time I added ADMX backed policies or in the Intune console named Administrative Template Profile. This profile type provides a lot of settings which are not available over OMA-Uri. Therefore,

Read More »
Intune
Thomas Kurth

Configure Windows 10 Auditing with Intune

Windows 10 auditing needs to be configured to comply with the Microsoft Security Baseline. In my opinion this is an important part but completely missed in the Intune UI. But happily there is the Policy CSP which allows us to configure it. The CSP is documented here https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-audit. To simplify

Read More »
Security
Thomas Kurth

Defense in depth on an example: Office Macro Protection

Office Macros are one of the things every IT department tries to block, but will never really be able to 100% eliminate them. The reason is simple the documents with macros are sometimes produced by business apps, sent by business partners via e-mail or created by employees to improve business

Read More »
Windows 10
Thomas Kurth

Be prepared the Chromium based Edge will be released in January

Update 10.01.2020: The docs article is updated with better information about which devices are targeted. https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-blocker-toolkit#overview   Update 27.12.2019: The Microsoft Edge team informed me, that they will only make Edge available in specific scenarios. For more information read the comment of Sean. Thanks for this update and hopefully the official docs will

Read More »
Intune
Thomas Kurth

Updated Automatic Intune documentation

The Intune documentation script is now updated and includes the documentation of Application Configurations, PowerShell Scripts and a new documentation design. Additionally, I did various testing’s and fixed some smaller bugs. Download from Github Device Management Scripts / PowerShell Scripts In a Windows 10 deployment the PowerShell Script feature helps

Read More »
MDATP
Thomas Kurth

Configure Intune to deploy Microsoft Defender ATP for macOS

Since this summer Defender Advanced Threat Protection supports also macOS. Now I had time to review the functionality and share my experience in this blog. First of all, my starting position is a MacBook Air, which is enrolled to Microsoft Intune and is able to retrieve Configuration Profiles. The device

Read More »