Making hybrid identity simple with Azure AD Connect

As mentioned in my previous post I’m in Redmond (WA) to join the Enterprise Mobility deep dive airlift. During my three-day stay I’ll listen, learn and getting inspired of all cool stuff Enterprise Mobility has to offer. On the first day we covered the hybrid identity part of EMS which means – Azure AD Connect, Azure AD Premium – which provided a lot of new insights and key takeaways.

image

Continue reading

Get in touch with the Microsoft Enterprise Mobility Suite ‘blackbelt’s’ and drop your feedback!

we-started-our-day-at-building-33-which-is-next-to-building-34-which-is-where-ceo-steve-ballmer-works

I’m very excited having the opportunity to meet the product teams on Enterprise Mobility Suite (EMS) during a 4-day stay in Redmond (WA) next week! As my employer Inovativ is participating in the Red Carpet Program we’re invited to join the Enterprise Mobility airlift. An airlift is an event which outlines new features being released in a new wave/product release. This airlift includes deep dive sessions on Azure AD Premium, Microsoft Intune and Azure RMS. As Microsoft Partner we’ll be lined up with the latest technology and have the chance to discuss and provide feedback on the components involved with the Enterprise Mobility Suite.

Further I’m looking foward to meet some community friends in person like Mr. ‘IoT’ and ‘Enterprise Mobility’ Rob Tiffany. I let me assure that the coffee is ready at Satya’s office ;-)

So I challenge you to collect your best feedback and questions on Azure AD Premium, Microsoft Intune, Azure Rights Management and bring it on, I’ll forward them to the PG’s! You can drop me a line by Twitter, Facebook or by e-mail

Continue reading

Block un-enrollment Windows Phone devices by Microsoft Intune

With the December update of Microsoft Intune a cool feature OMA-URI support has been added. This seemingly small feature introduces ‘endless’ management capabilities and scenario’s which allows you to take full advantage of managing Windows Phone devices with Microsoft Intune. This is useful when the setting you need is not configurable in a mobile device security policy.

image

A good example is to block the removal of Workplace of your managed Windows Phones. By default users are able to un-enroll their devices and thus become unmanaged.  In this blog I’ll show you how to prevent un-enrollement and the ability to factory reset Windows Phone device by an OMA-URI policy template. Continue reading

Assign Enterprise Mobility Suite licenses– Quick Reference Guide

Just drop you a quick line how to assign Enterprise Mobility Suite licenses to end-users. This is is a straight forward process with an one-stop-shop!

1. Sign into the Azure Management Portal as the global administrator of the directory you wish to customize.
2. Click on Active Directory, and then select the directory where you want to assign licenses.
3. Select the Licenses tab, select Enterprise Mobility Suite, and then click Assign.

clip_image002[4] Continue reading

Blacklist Apps on Windows Phone 8.1 by native Microsoft Intune

First of all happy new year! May it a healthy, be happy and succesfull year to you and yours. Looking forward to new technical developments, challenges and meetig interesting people.

With the December update of Microsoft Intune new policy templates became available which enables you to have more control of your managed mobile devices. One of the new policies is the Windows Phone Configuration Policy template. With the Windows Phone Configuration Policy template you’re able to allow or block apps on Windows Phone 8.1 devices. Policies created from this template can be deployed to both user and device groups and will only applied to devices which are managed by Microsoft Intune.

In this blog I’ll show you how to prevent apps being installed from the Windows Phone Store or disallow the use of already installed apps.

Windows Phone Configuration Policy

  • In the Intune administration console, click Policy > Add Policy
  • Select Windows Phone Configuration Policy (Windows Phone 8.1 and later) and click Create Policy

image

 

Continue reading

Part 3 – Deploy certificates to mobile devices using Microsoft Intune NDES – Deployment

In the first two blog posts I covered the theory how deployment of certificates works to mobile devices using Microsoft Intune NDES connector followed by setup and configuring the connector.

In this third blog – part 3 – I’ll outline the depoyment of both Trusted CA Certificate Profile and SCEP Certificate profiles to mobile devices.

Continue reading

Part 2 – Deploy certificates to mobile devices using Microsoft Intune NDES – Connector

In part 1 of this blog series I provided some background and highlevel overview how the proces of deploying certificate profiles to devices works with Microsoft Intune.

In this second blog – part 2 – I’ll outline the setup and configuration of the Microsoft Intune NDES connector. As starting point, we assume that you have already installed a Certificate Authorithy (CA), NDES server and an active Microsoft Intune subscription. Continue reading