Part 2 – Improve endpoint user experience with Microsoft Endpoint Analytics: Startup Performance

My previous blog post was a brief introduction to Microsoft Endpoint Analytics, what it is and how it relates to Microsoft productivity score. In this second blog post I will cover the startup performance, one of the three core features of Endpoint Analytics. How do you gain insight into device setup, startup & sign-in times per individual- as well as per device model and overall system performance as part of Endpoint Analytics startup performance.

Microsoft Endpoint Analytics startup performance page.
  • Startup performance, help IT get users from power-on to productivity quickly without lengthy boot and sign in delays
  • Proactive remediation scripting, fix common support issues before end-users notice issues
  • Recommended software, recommendations for providing the best user experience

Now we have set up Endpoint Analytics we are ready to collect data and gain insights how your endpoints performing. Are they in a good shape and fine tuned to provide the best in class end-user experience? Perhaps they do…but as always there might be some room for improvements out there!

Continue reading “Part 2 – Improve endpoint user experience with Microsoft Endpoint Analytics: Startup Performance”

Keep your Microsoft Intune tenant clean and tidy /w Azure Automation & Graph API

Nowadays Microsoft provides us a lot of flexibility to empower end-users to be productive as never before. Users are able to register their devices in order to access corporate resources anytime, anywhere on devices they love. Provisioning of Windows 10 devices to your enterprise has never been easier for end-users. They are even able to join their brand new devices to the corporate from home taking benefit of Windows Autopilot & Azure AD MDM auto-enrollment.

From an end-user perspective this is great, productivity can be restored in minutes instead of hours or even days. However the flexibility we provide for the end-users has a downside from an IT Admin perspective. As we’re able to join or register devices to Microsoft Intune/Azure AD, it causes a lot of obsolete device objects in your tenants. Continue reading “Keep your Microsoft Intune tenant clean and tidy /w Azure Automation & Graph API”

Deploying Satya Nadella’s Guide “Hit Refresh” to the future /w Microsoft Intune eBooks

With the recent release of  Satya Nadella’s – Microsoft CEO – book and guide “Hit Refresh” to the future, it was  a perfect occasion to deploy eBooks with Microsoft Intune. Earlier this year Microsoft introduced support for volume purchase (VPP) support for eBooks via Microsoft Intune.

Overview of eBooks node in Microsoft Intune portal.

Volume Purchase Program’s (e.g. Microsoft Store for Business, Apple Business Store) lets you purchase multiple licenses for a book that you want to distribute to users in your company. With Apple you can distribute books from the Business, or Education stores. Continue reading “Deploying Satya Nadella’s Guide “Hit Refresh” to the future /w Microsoft Intune eBooks”

Improve your endpoint security /w Windows Defender Advanced Threat Protection

Last week Microsoft announced the public preview of Windows Defender ATP Windows 10 Fall Creator update. I’m quite excited – we’ll should – of the new capabilities which allows you to better protect your endpoints from threats.

I had the opportunity to work with this for a while and like to highlight my personal favorite feature – Security Analytics Dashboard. Why? It’s because this feature gives me insights of my current endpoint (Windows 10, Windows Server, Linux* & Mac OS*) security posture and what it takes to utilize the full potential.

For a complete overview of all Windows Defender ATP preview features please read the official announcement here. Continue reading “Improve your endpoint security /w Windows Defender Advanced Threat Protection”

Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting

In a diptych I’m sharing my experiences, common practices and challenges of implementing Microsoft Intune PFX connector as certificate deployment mechanism in the enterprise.

IntunePFX

In my first blog post I covered the basics of implementing a certificate deployment infrastructure based on Microsoft Intune PFX connector. Explained the differences and considerations whether to choose SCEP or PFX as your certificate deployment solution. And explained the certificate issuing workflow. In this second post I’ll go in more detail of the anatomy of the Intune Certificate Connector, setup. Explaining the renewal and revocation process(flow) works. And lastly I give you some pointers where to start your journey, in case of troubleshooting certificate deployment issues.

Part 1 – Deploying Microsoft Intune Connector in an Enterprise world: common practices

Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting

Continue reading “Part 2 – Deploying Microsoft Intune Connector in an Enterprise world: troubleshooting”

Windows Information Protection…notes from the field! #MSIgnite

Windows Information Protection (WIP), previously known as enterprise data protection (EDP), helps organizations to protect corporate data against potential data leakage.

information-protection-needsThe concept is fairly simple and is actually based on defining two lists:

  • A corporate boundary list, which represents both on-premise & cloud network locations where managed apps can access corporate data;
  • A list of managed (trusted) apps, which are allowed to open, modify & store corporate data within the corporate boundary list.

In this blog we will look at some practical examples which you have to consider for a successful implementation of Windows Information Protection including a top 4 of recommended practices.

Continue reading “Windows Information Protection…notes from the field! #MSIgnite”

Updated Microsoft Intune On-premises Connector for On-premises or Hosted Exchange

image

For those who are using On-Premises Exchange or Hosted Exchange with Microsoft Intune (standalone) hereby a quick post to inform you the Microsoft Intune Exchange connector (5.0.6175.0) has been updated last month (March 2016). At time of writing no release notes were available what has been addressed with the updated connector.

Continue reading “Updated Microsoft Intune On-premises Connector for On-premises or Hosted Exchange”

Part 4 – Create & Deploy Windows Information Protection with Microsoft Intune

In this blog series of Windows Information Protection (WIP) I will provide you some more insights what WIP is, how it works and how to create & deploy WIP policies by Configuration Manager and Microsoft Intune.

In this 4th blog post I’ll outline how to create & deploy Windows Information Protection policies to Windows 10 devices by Microsoft Intune.

Continue reading “Part 4 – Create & Deploy Windows Information Protection with Microsoft Intune”

Updated: Exchange Connector permissions changed in Configuration Manager Current Branch (1511 and higher)

Exchange Connector Current Branch

Note! Updated with additional permissions (Get-Mailbox) 04/28/2016

During a Configuration Manager Current Branch (1511) implementation I bumped into an issue configuring the Exchange Connector. After configuring the Exchange Connector, devices which are connected by Exchange were not successfully discovered and therefore not appearing in the admin console.

Continue reading “Updated: Exchange Connector permissions changed in Configuration Manager Current Branch (1511 and higher)”

Get Started with the Enterprise Mobility Suite

undefinedOver the next six weeks I’ll provide along with my colleagues Valerie Siroux and Arjan Vroege several webinars on Microsoft Enterprise Mobility Suite. If you want to know more about for instance Azure Active Directory Premium, Microsoft Intune, Azure Rights Management Services, you can not miss these webinars.

Learn more about EMS in 6 webinars

On the following dates will take place the Enterprise Mobility Suite webinars. Please note that these webinars are taught in English. Through the links below you can register free of charge.

Continue reading “Get Started with the Enterprise Mobility Suite”