Workplace Ninja's Blog
Our goal is to share knowledge with the community and to make Workplace Management with Microsoft Technologies simpler for everybody. We wish you happy reading!
Featured Posts


Dsregcmd for PowerShell and .NET
I often write script or small applications for devices. Many times I required the AzureAD device ID which can be obtained from registry or by parsing the dsregcmd output. But parsing console output is not really reliable when the output changes for example. Now, I found a solution by using the


Windows Update for Business simplifies your environment
There are two types of methodologies to deploy Windows Updates. One is based on ConfigMgr or WSUS. This method brings high level of control regarding which updates are deployed and when they are installed. The other is based on Windows Update for business where customers can work with deployment rings
Latest Posts


Deploy Code Signing Certificate with Intune
5.1.2021 – Updated post to include OMA-URI/Custom configuration option In the last years the recommendation to “Code Sign” scripts should have arrived to everybody. Especially when deploying scripts with Intune or ConfigMgr at scale it’s good to sign them. It sounds simple but regardless most don’t use it. I would


Automatic Azure AD Conditional Access Documentation
Creating configuration documentations is always hassle. Therefore, I extended the Intune documentation with a new option to also document Azure AD Conditional Access policies. The new function Invoke-ConditionalAccessDocumentation will document: Azure AD Conditional Access Policies Translate referenced id’s to real object names (users, groups, roles and applications) Important: The Conditional


Installing a font with MSIX so that other apps on your system can see it
If you are doing software packaging, chances are that you also had the task to just install a special font that your company or customer needs. In this blog I will show you how this can be done with an MSIX, created with Microsoft’s free MSIX Packaging Tool. But bevor


Azure AD Guest Account -Governance and Cleanup
One of the biggest challenges with guest/external accounts in Azure AD is to build a governance process to keep your directory clean. Many companies do not like to have old and unused guest accounts forever in their Azure AD. Without a review functionality and information who has invited them this


Use OATH TOTP token with Azure MFA
OATH TOTP tokens can help to use Azure MFA without mobile phones. I highlight what the differences between available types are and how to enroll them.


Monitor Windows Hello and AAD Hybrid join enrollment with MEMCM
Dsregcmd.exe is one of the most important troubleshooting tools on a Windows device when working with Azure AD Hybrid Join or Windows Hello. But this tool is only available as a command line tool and not in PowerShell. I wrote a translation function to change that. The Get-DsRegStatus function can