Part 1 – Deploying Microsoft Intune PFX connector in an Enterprise world…common practices

Last year I had the change to implement PFX certificate infrastructure for a large enterprise customer. Occasion of the project was a migration of Citrix XenMobile (XDM) to Microsoft Intune as strategic mobile device- and application management solution.

microsoft-intune-pfx-connector-architecture-overview
Microsoft Intune PFX connector certificate deployment architecture.

In a series of blogposts I’m sharing my experiences, design decisions, common practices and challenges of implementing Microsoft Intune PFX connector as certificate deployment mechanism in an enterprise environment.

Part 3 – Create & deploy Enterprise Data Protection using System Center Configuration Manager Current Branch

image

In this blog series of Enterprise Data Protection (EDP) I will provide you some more insights what EDP is, how it works and how to create & deploy EDP policies by Configuration Manager and Microsoft Intune.

In this 3rd blog post I’ll outline how to create & deploy Enterprise Data Protection policies by Configuration Manager Current Branch (1511) to Windows 10 devices.

Continue reading “Part 3 – Create & deploy Enterprise Data Protection using System Center Configuration Manager Current Branch”

Azure AD Premium Public Preview Features…a closer look

image

Microsoft is continuously improving their Azure cloud services while new features get introduced in rapid pace. In this blog I want to consider some new Azure Active Directory Premium features which are currently in public preview. ’These features are:

  • Dynamic Groups
  • Azure Application Custom Domain publishing
  • Azure Conditional Application Access

Continue reading “Azure AD Premium Public Preview Features…a closer look”

Name Suffix Routing into the rescue publishing Non-Claims-Aware application using Kerberos Constrained Delegation

Last week I faced a challenge publishing non-claims-aware application (SharePoint 2013) using Kerberos Constrained Delegation (KCD) by Web Application Proxy (WAP).

ADFS cross forest Mirosoft Intune Infrastructure

The customer environment consists of a multi-forest active directory where user accounts and server objects each stored in a separate forest. Due to the introduction of Microsoft Enterprise Mobility Suite (EMS) we added a public User Principal Name (UPN) which was required to log on using a public domain namespace.

Continue reading “Name Suffix Routing into the rescue publishing Non-Claims-Aware application using Kerberos Constrained Delegation”

Part 2 – Deploy certificates to mobile devices using Microsoft Intune NDES – Connector

In part 1 of this blog series I provided some background and highlevel overview how the proces of deploying certificate profiles to devices works with Microsoft Intune.

In this second blog – part 2 – I’ll outline the setup and configuration of the Microsoft Intune NDES connector. As starting point, we assume that you have already installed a Certificate Authorithy (CA), NDES server and an active Microsoft Intune subscription.

Continue reading “Part 2 – Deploy certificates to mobile devices using Microsoft Intune NDES – Connector”

Part 1 – Deploy certificates to mobile devices using Microsoft Intune NDES – Overview

With the recent updates of Microsoft Intune it is possible now deploying certificate profiles using Network Device Enrollment Service (NDES) to mobile devices.

In this blog series I’ll cover the different aspects of certificate enrollment proces by using Microsoft Intune (standalone).

Overview

Before going in details about NDES and hereby an brief overview of how NDES process works in relation to Microsoft Intune.

Microsoft Intune Standalone NDES

Continue reading “Part 1 – Deploy certificates to mobile devices using Microsoft Intune NDES – Overview”

Troubleshooting: Federation for Windows Intune

During a Windows Intune proof of concept (PoC) I was facing some issues configuring federation in order to enable Signle Sign On (SSO).

Proxy Authentication

When configuring federation we couldn’t convert the the default domain to a federated domain type. By using the –Verbose –Debug parameters of convert –MsolDomainToFederated cmdlet the root cause became clear. Proxy Authentication was required and therefore we couldn’t convert the domain. One down two to go!

clip_image001_thumb[3] Continue reading “Troubleshooting: Federation for Windows Intune”

Update Rollup 2 for System Center 2012 Service Pack 1 #sysctr

Microsoft has released Update Rollup 2 for Microsoft System Center 2012 Service Pack 1 (SP1). This article discusses the issues that are fixed in Update Rollup 2 for Microsoft System Center 2012 Service Pack 1 (SP1) and contains the installation instructions for Update Rollup 2 for System Center 2012 SP1.

The update packages for App Controller, Service Provider Foundation, Operations Manager, and Data Protection Manager are available from Microsoft Update

How to obtain and install Update Rollup 2 for System Center 2012 Service Pack 1

To manually download the update packages from Microsoft Update Catalog, go to the following Microsoft websites:

For detailed information about Update Rollup 2 for System Center 2012 Service Pack1 see the original Microsoft article.

Source

Microsoft Management Summit 2013 lift-off! #sysctr #mms2013

This week Microsoft Management Summit (MMS) 2013 officially launched and brings together the brightest IT professionals from around the world to increase their technical expertise through an intensive week of training led by experts in desktop, device management, datacenter, and cloud technologies.

Keynote, Cloud Optimize Your Business with Microsoft Management Solutions

Brad Anderson, corporate vice president in Microsoft’s Windows Server and System Center Group, took the stage this morning to kick-off the Microsoft Management Summit in Las Vegas. Anderson’s keynote to more than 5,000 attendees highlighted the company’s Cloud OS strategy and how IT professionals can use Microsoft technologies to transform their datacenters.

The keynote, which included live demos, will be available on Channel 9 for on-demand viewing. Anderson also posted to the Official Microsoft Blog today.

 

Continue reading “Microsoft Management Summit 2013 lift-off! #sysctr #mms2013”

Operations Manager

The System Center Operations Manager Unleashed team is offering a free pack of dashboards designed to provide information for System Center 2012 Virtual Machine Manager hosts and guests. Here are the dashboards included in the management pack, discussed in Chapter 11 of the upcoming System Center 2012 Operations Manager Unleashed:

clip_image001

  • VMM Guest Health (guest state, guest alerts and details pane)

clip_image002

  • VMM Guest Resources (count of processors, memory and disk size for VMM guests)

clip_image003

  • VMM Host Performance (VMM host processor, memory, disk and network)

clip_image004

  • VMM Hosts and Guests (VMM Host state, alerts and performance, VMM guest state, alerts and resources)
  • VMM Performance (Non-dashboard view – standard performance view for hosts)

clip_image005

  • VMM Server Service Level Objective (Service Level Dashboards for the VMM server’s availability)

clip_image006

  • VMM Summary Dashboard (VMM Host processor top values, available memory, state)

You can download this management pack from http://www.systemcentercentral.com/pack-catalog/virtual-machine-manager-dashboards-from-the-opsmgr-unleashed-team/.

View original post