Microsoft Defender Antivirus: Catch(up) me if you can!

On March 6, 2020March 9, 2020 By Ronny de JongIn Co-management, Microsoft Intune, Modern Management, Threat, Windows 10Leave a comment

Update: Microsoft confirmed this behavior and will correct this in the next Microsoft Intune update release, most probably the March update 2003.

If you are using Microsoft Defender Antivirus and managing your Windows 10 clients via co-management (Microsoft Endpoint Configuration Manager (MECM) or Microsoft Endpoint Manager (MEM), this blog might be interesting for you.

The catch-up scan block results in the opposite configuration the UI implies.

During an end-to-end multi-platform migration (including Windows 10, macOS, Windows Servers and Linux) of a 3rd party AV solution to Microsoft Defender (ATP) we noticed some striking behavior.

Continue reading →

Troubleshooting: Endpoint Configuration Manager Device Collection Membership Synchronization

On February 27, 2020March 8, 2020 By Ronny de JongIn Azure Active Directory, Azure AD, Configuration Manager, Identity, Modern Management, Windows 10Leave a comment

Device collection membership Synchronization to Azure AD security groups (aka Azure AD Group sync) is introduced since 1906 and offers a multitude of new management options. Meanwhile a lot has been written and resulted in some great blog posts by various community peers like Nickolaj Andersen, Nick Hogarth as well as by Microsoft Docs.

What these resources have in common is they all describe how to enable and configure Azure AD group sync. In this blog post I’ll go in to more details what’s behind the scenes, how device collection synchronization works and what actions you can take in the event of troubleshooting is desired.

Continue reading →

As a good host benefits: Azure AD welcomes your guests (accounts) using Security Keys

On January 31, 2020February 1, 2020 By Ronny de JongIn Azure Active Directory, Azure AD, IdentityLeave a comment

Imagine yourself, use security keys to provide guest accounts access to resources in environments where use of smartphones is prohibited. This use case recently came across during an interesting conversation with a customer. In short, the answer is yes. Security keys can be used in such scenarios which are subject to strict security controls.

In this blog post I’ll explain what it takes to provide different types of guest accounts access using a security key in an Azure AD B2B scenario. This works for (External) Azure AD accounts but does it work for other accounts like Microsoft Accounts (MSA) or Google as well? More on that later… Continue reading “As a good host benefits: Azure AD welcomes your guests (accounts) using Security Keys” →

More control on Windows-as-a-Service with Microsoft Intune Feature Update Deployments

On November 13, 2019November 21, 2019 By Ronny de JongIn Configuration Manager, Intune, Microsoft Intune, Modern Management, Windows 10, Windows Update for BusinessLeave a comment

With the introduction of Feature Update Deployments, IT-administrators get more control over how Windows 10 feature updates are installed via Windows Update for Business. With Feature Update Deployments, they have the ability to choose a given feature update (e.g. 1803, 1809, or 1903) and stay there indefinitely*. It provides more granular and predictable control the way feature updates find their way to devices across your organization.

With *Windows 10 feature updates*, you select the Windows feature version that you want devices to remain at.

Continue reading “More control on Windows-as-a-Service with Microsoft Intune Feature Update Deployments” →

Revise your OneDrive (Sync) restrictions when shifting to a Modern Workplace!

On October 23, 2019February 1, 2020 By Ronny de JongIn Azure Active Directory, Azure AD, Microsoft Intune, Modern Management, Office 365, Windows 10Leave a comment

OneDrive client is unable to sync your folders.

What is a modern workplace these days without having your personal- or group data synced to OneDrive and taking the full advantage Microsoft’s cloud storage has to offer!? One of the most asked feature is silently configuring your OneDrive client to automatically synchronize your (personal) data. Continue reading “Revise your OneDrive (Sync) restrictions when shifting to a Modern Workplace!” →

Microsoft keeps its Password-less promise and ships native FIDO2 support to Azure AD & Windows 10

On July 12, 2019November 21, 2019 By Ronny de JongIn Azure Active Directory, Azure AD, Enterprise Mobility, Identity, Microsoft Intune, Modern Management, Password-less, Windows 10, Windows Hello for Business14 Comments

Microsoft continues to deliver it’s password-less promise and introduces native FIDO2-based authentication to Windows 10 & Azure AD.

“There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don’t meet the challenge for anything you really want to secure.”
Bill Gates, RSA 2004

Continue reading →

Together, we achieve more. Great achievements in a Microsoft Modern Workplace era

On July 8, 2019July 8, 2019 By Ronny de JongIn America, EventsLeave a comment

Exiting times! Needless to say I’m proud and humble rewarded for the 5th consecutive year as a Microsoft MVP (EnterpriseMobility).

It’s a great honorand pleasure to be able to make a modest contribution for the Microsoft community and help others by inspiring and sharing your experiences. As mentioned, this is such a great way to help others getting them further.

Continue reading →

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Microsoft continues to deliver it’s password-less promise and introduces native FIDO2-based authentication to Windows 10 & Azure AD.

Share this:

Like this:

Exiting times! Needless to say I’m proud and humble rewarded for the 5th consecutive year as a Microsoft MVP (EnterpriseMobility).

Share this:

Like this: