Keep your Microsoft Intune tenant clean and tidy /w Azure Automation & Graph API

Nowadays Microsoft provides us a lot of flexibility to empower end-users to be productive as never before. Users are able to register their devices in order to access corporate resources anytime, anywhere on devices they love. Provisioning of Windows 10 devices to your enterprise has never been easier for end-users. They are even able to join their brand new devices to the corporate from home taking benefit of Windows Autopilot & Azure AD MDM auto-enrollment.

From an end-user perspective this is great, productivity can be restored in minutes instead of hours or even days. However the flexibility we provide for the end-users has a downside from an IT Admin perspective. As we’re able to join or register devices to Microsoft Intune/Azure AD, it causes a lot of obsolete device objects in your tenants. Continue reading “Keep your Microsoft Intune tenant clean and tidy /w Azure Automation & Graph API”

Microsoft Intune introduced High Available (HA) support for SCEP/PFX Connector

Since December 2017 Microsoft Intune introduced support for multiple active SCEP/PFX connectors per tenant in order to provide high availability for certificate handling.

Initially the Microsoft Intune SCEP/PFX connector didn’t provide support for high availability. The SCEP/PFX connector could be installed as an single instance with no option for multiple active connectors.

Microsoft Intune SCEP-PFX Connector
Microsoft Intune SCEP/PFX connector support multiple active connectors per tenant.

Continue reading “Microsoft Intune introduced High Available (HA) support for SCEP/PFX Connector”

Enable Windows 10 Multifactor Authentication with Windows Hello Multifactor Device Unlock & Microsoft Intune

In this blog post I’ll explain how to configure and enable Windows Hello Multifactor Device Unlock using Microsoft Intune. Windows Hello Multifactor Device Unlock provides multifactor device authentication for login or unlocking  Windows 10 devices.

Windows Hello for Business

Continue reading “Enable Windows 10 Multifactor Authentication with Windows Hello Multifactor Device Unlock & Microsoft Intune”

Deploying Satya Nadella’s Guide “Hit Refresh” to the future /w Microsoft Intune eBooks

With the recent release of  Satya Nadella’s – Microsoft CEO – book and guide “Hit Refresh” to the future, it was  a perfect occasion to deploy eBooks with Microsoft Intune. Earlier this year Microsoft introduced support for volume purchase (VPP) support for eBooks via Microsoft Intune.

Overview of eBooks node in Microsoft Intune portal.

Volume Purchase Program’s (e.g. Microsoft Store for Business, Apple Business Store) lets you purchase multiple licenses for a book that you want to distribute to users in your company. With Apple you can distribute books from the Business, or Education stores. Continue reading “Deploying Satya Nadella’s Guide “Hit Refresh” to the future /w Microsoft Intune eBooks”

Available now: Enterprise Mobility + Security E5 IUR for Microsoft Partners

Today I was happily surprised with the announcement, as of today Microsoft Enterprise Mobility + Security E5 licenses are available through Internal Use Rights (IUR). This is great news for those who’re a Silver or Gold EMM competency partner. By this Microsoft Partners are enabled to adopt the latest security features in their own organization too. “Practice what you preach”

Enterprise Mobility + Security E5 IUR

One of the main benefits of the Microsoft Partner program are the IUR, which allows you to use Microsoft products in your own organization for free based on your partner competence levels. This applies to traditional software, software keys and Microsoft Online Services.

With IUR Microsoft Partners are able increase productivity, business value, and savings with your internal-use rights (IUR) benefits. The Enterprise Mobility + Security E3 had been available for some quite long time however the E5 was missing here, the more we’ve an imported role as partner to enable our customers with the latest Microsoft technology.

More information regarding Internal Use Rights can be found here.

New features like Azure AD Identity Protection & Azure AD Privileged Identity Management forms important (security) components in a more than ever emerging Enterprise Mobility + Security E5 proposition.

Click here to unlock your IUR benefits today!

ps. special thanks for those who make this possible ;-)

Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting

In a diptych I’m sharing my experiences, common practices and challenges of implementing Microsoft Intune PFX connector as certificate deployment mechanism in the enterprise.

IntunePFX

In my first blog post I covered the basics of implementing a certificate deployment infrastructure based on Microsoft Intune PFX connector. Explained the differences and considerations whether to choose SCEP or PFX as your certificate deployment solution. And explained the certificate issuing workflow. In this second post I’ll go in more detail of the anatomy of the Intune Certificate Connector, setup. Explaining the renewal and revocation process(flow) works. And lastly I give you some pointers where to start your journey, in case of troubleshooting certificate deployment issues.

Part 1 – Deploying Microsoft Intune Connector in an Enterprise world: common practices

Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting

Continue reading “Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting”

Part 1 – Deploying Microsoft Intune PFX connector in an Enterprise world…common practices

Last year I had the change to implement PFX certificate infrastructure for a large enterprise customer. Occasion of the project was a migration of Citrix XenMobile (XDM) to Microsoft Intune as strategic mobile device- and application management solution.

microsoft-intune-pfx-connector-architecture-overview
Microsoft Intune PFX connector certificate deployment architecture.

In a series of blogposts I’m sharing my experiences, design decisions, common practices and challenges of implementing Microsoft Intune PFX connector as certificate deployment mechanism in an enterprise environment.

Top 3 feature enhancements of Windows 10 Creators Update

Yesterday I received an update of the Windows Insiders Program which contains some great improvements which I’d to share with you. Hereby some highlights.

Mobile application management

With the Creators Update we’re introducing mobile application management, a new feature that will protect data on personal devices without requiring the device to be enrolled in a Mobile Device Management solution. As employees use their own devices at work more and more, we are providing IT with oversight to apply policies to the applications employees use to be productive. This helps keep corporate data more secure without taking on the added responsibility of managing employees’ personal devices.

 

Continue reading “Top 3 feature enhancements of Windows 10 Creators Update”

Microsoft Teams: How to overcome challenges with Windows Information Protection & Conditional Access

Recently Microsoft announced Microsoft Teams, a new chat-based platform in Office 365. For all mobile platforms (Android, iOS and Windows 10 Mobile) Microsoft released an native app, including a desktop app for Windows 10 and Mac OS X. The Microsoft Teams apps can be downloaded here. After I installed the Microsoft Teams desktop app on Windows 10 I bumped into the following funny message ‘Yikes! Looks like someone pulled the plug on the internet’.

clip_image001

Continue reading “Microsoft Teams: How to overcome challenges with Windows Information Protection & Conditional Access”

Important! Updated Microsoft Intune Company Portal app for iOS supports only iOS 8.0 or higher.

image

In case you missed it, Microsoft recently announced the Microsoft Intune Company Portal app for iOS will be updated. Why this might be important to you?

Why updating?

As Apple releases new versions of iOS, they release new functionality, so there is a lack of functionality available on older iOS versions. Ending support for these older versions and encouraging end users to upgrade leads to a better end-user experience and allows us to prioritize the release new functionality for customers. This adjustment to support iOS 8.0 and later brings the iOS Company Portal app into alignment with the version support of the Office apps and many other Microsoft (and non-Microsoft) apps

Continue reading “Important! Updated Microsoft Intune Company Portal app for iOS supports only iOS 8.0 or higher.”