A few weeks back I wrote about creating better pilot rings within a MEMCM environment. Because of the feedback and some projects I transferred the solution for Intune only environments. Key Features Scope to specific device Azure AD groups (Only Apps and HW models of devices in this collection are
When implementing a update concept there is always one important question open: How do I select devices for the pilot/test phase? My customers most often answer this with one of the following solutions: Manually selecting the devices and check from time to time if there are still enough devices in
There are two types of methodologies to deploy Windows Updates. One is based on ConfigMgr or WSUS. This method brings high level of control regarding which updates are deployed and when they are installed. The other is based on Windows Update for business where customers can work with deployment rings
Introduced a long time ago, Windows Information Protection (WIP) still lives in a niche of configurations that only very few actually use. Which is a shame, as its very powerful and easy(-ish) to configure. You can read everything about it in Microsofts documentation for the feature. One thing that was
While repackaging, one of the most important things to have, is a quiet packaging machine. The same applies to a machine where you try to analyze a problem with procmon. And by quiet I do not mean to avoid a noisy fan or hard disk. I talk about unnecessary background
Windows 10 auditing needs to be configured to comply with the Microsoft Security Baseline. In my opinion this is an important part but completely missed in the Intune UI. But happily there is the Policy CSP which allows us to configure it. The CSP is documented here https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-audit. To simplify
Office Macros are one of the things every IT department tries to block, but will never really be able to 100% eliminate them. The reason is simple the documents with macros are sometimes produced by business apps, sent by business partners via e-mail or created by employees to improve business
Update 10.01.2020: The docs article is updated with better information about which devices are targeted. https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-blocker-toolkit#overview Update 27.12.2019: The Microsoft Edge team informed me, that they will only make Edge available in specific scenarios. For more information read the comment of Sean. Thanks for this update and hopefully the official docs will
Lately, Microsoft released some great news around MSIX and the requirements for the installation of MSIX Packages. Now if you want to manually install an MSIX Package on a computer you need Sideloading to be enabled. If that is not the case, you will get a nasty error during the
If you join a device to Azure AD, then you get SSO to cloud resources protected by Azure AD. If you are using a Hybrid User (Synchronized from your on-premise Domain), you get an additional hidden gimmick. In general, it allows a lot of use cases where a company would
Copyright © 2023 Workplace Ninja’s. All Rights Reserved. – Code of Conduct, Webpage Terms of use and Webpage Privacy Policy