Hotfix solves issue publishing Network Device Enrollement Service (NDES) through Web Application Proxy (WAP)

For those who are using Web Application Proxy (WAP) and intent or already have been published Network Device Enrolment Service (NDES) might noticed this isn’t working, even when pass-through preauthentication is configured. This post will go into details how NDES is working including a brief explanation of the issue.

The Network Device Enrollment Service (NDES) allows mobile devices running without domain credentials to obtain certificates based on the Simple Certificate Enrollment Protocol (SCEP). The user certificates can be used for managing company resource access (E-mail, WiFi- and VPN profiles) instead of using user name + password. This existing technique is recently emphatically re-evaluated by the use and application for mobile device management in relation to BYOD scenarios. Continue reading

Troubleshooting Microsoft (Windows) Intune Extensions

Most of you are problably aware of Microsoft (Windows) Intune extensions and using them briefly without any issue(s). New extensions becomes automatically available through the Microsoft Intune connector and new updates are merged or installed to introduce new features taking benefits of the Microsoft Intune cloud services platform.

So far so good…but if you’ve bad luck extensions comes partly down or becomes not available at all to your Configuration Manager instance! Unfortunately there is no way to force a trigger of the tenant discovery process and thus the installation of Microsoft Intune extensions. In normal circumstances it will take up to 24 hours after registering your Intune subscription untill the Intune extensions comes down to your Configuration Manager instance. This pitty if you would speed up the process of installing new deployments or you’re in a disaster recovery scenario. Hereby some guidelines for troubleshooting Microsoft Intune extensions, logs locations(s), Certificate Thumbprint ID, SQL query and validating the connectivity with Microsoft Intune.

Continue reading

Configuration Manager 2012 R2 Hotfix introduces instant Remote Wipe and Retirement of Mobile Devices

men_in_black_movie_image_tommy_lee_jones_and_will_smith

Exciting times upfront of Configuration Manager & Microsoft Intune! After announcement of renaming Windows Intune to Microsoft Intune and expected new functionalities in Q4 Microsoft released this week an imported hotfix for Configuration Manager 2012 R2. In short this hotfix allows you to remote wipe or retire your mobile devices almost instanlty with out any delay…how cool is that! Continue reading

Microsoft rebrands Windows Intune to Microsoft Intune

Microsoft Intune

Today Microsoft announced they are renaming their mobile device cloud service Windows Intune to Microsoft Intune. Reason in mine opinion Microsoft is sorting to great new features and capabilities like enterprise bulk enrollement, conditional access and extended data leak protection (DLP) which will be expected later this year (Q4).

This change reflects Microsoft’s ongoing strategy for Intune as a cloud-based mobile device management (MDM) and mobile application management (MAM) solution.  The “Microsoft Intune” name more accurately represents Intune’s capabilities, supporting both iOS and Android platforms, in addition to Windows. It is also in alignment with our commitment to embrace the new dynamics of the workplace, and increase employee productivity by enabling them to work wherever and whenever they want on any device, while helping IT keep corporate information secure.

Intune is included in the Enterprise Mobility Suite (EMS) which is Microsoft’s comprehensive and cost-effective solution for addressing consumerization of IT, BYOD, and SaaS challenges. The suite also includes Azure Active Directory Premium and Azure Rights Management (RMS).

Read the the full story here.

iOS 8 Support for System Center 2012 R2 Configuration Manager

Just drop you a quick line support for iOS 8 is now available for System Center 2012 R2 Configuration Manager! Support for iOS 8 on System Center 2012 R2 Configuration Manager was announced recently by the Configuration Manager Team but finally comes down to your Configuration Manager instance.

Standalone Windows Intune was already supporting iOS 8 from day 0 when iOS 8 was released on September 17, 2014.

image

Continue reading

How secure is Windows Intune? Keep calm and reassure your cloud security manager!

computer-security-14

Perhaps you noticed yourself but customers are asking more often how secure Microsoft clouds services are(Microsoft Azure, Office365 & Windows Intune)?  Valid questions like “What- and where my corporate data is stored? How my corporate data is protected in Microsoft datacenters? What security controls in place and what about backup, disaster recovery and data retention policies? Do I have control on what data is going synced to the cloud?” And so we can still go on…

By informing customers and providing them guidelines and best practices it is more clear what the impact of using Microsoft cloud services is for their organizations. This will eliminate possible restraints (rightly or not), increases confidence of cloud service as platform & accelerates the adaption as such.

This post might help you to get better understanding on what terms and conditions Microsoft clouds services performed and enables you to inform your cloud security officer! Continue reading

Troubleshooting: Federation for Windows Intune

During a Windows Intune proof of concept (PoC) I was facing some issues configuring federation in order to enable Signle Sign On (SSO).

Proxy Authentication

When configuring federation we couldn’t convert the the default domain to a federated domain type. By using the –Verbose –Debug parameters of convert –MsolDomainToFederated cmdlet the root cause became clear. Proxy Authentication was required and therefore we couldn’t convert the domain. One down two to go!

clip_image001_thumb[3] Continue reading