Getting started with Windows Store for Business


With the new Windows Store for Business, organizations can make volume purchases of Windows apps. The Store for Business provides app purchases based on organizational identity, flexible distribution options, and the ability to reclaim or re-use licenses. Organizations can also use the Store for Business to create a private store for their employees that includes apps from the Store, as well private Line-of-Business (LOB) apps or deploy purchased apps offline by Configuration Manager or Microsoft Intune.

Choose the best app store for the right scenario.

Continue reading “Getting started with Windows Store for Business”


Use Custom Attributes for automatically populate Azure AD Dynamic Group Memberships

March this year the Active Directory team announced Attribute Based Dynamic Group Membership for Azure AD. Until then, group membership was a manual thing that had to be done for each user. With this feature you can specify a rule on an Azure AD security group that will automatically manage the membership of that group based on user’s attribute values. Dynamic Group Membership is supporting by default a subset of user attributes which can be used.


But what if you use in your organization custom attributes for various applications-, business- and provisioning processes? In this blog post we go further and will explain how to use custom AD attributes, extend your Azure AD tenant and use these custom attributes to automatically populating a security group.

Continue reading “Use Custom Attributes for automatically populate Azure AD Dynamic Group Memberships”

Integrate your Microsoft Intune device enrollment with Azure AD!

May this year Microsoft announced a new capability of automatically enroll devices in Microsoft Intune as part of joining devices in to Azure AD (Premium). By joining a Windows 10 device to Azure AD it is extremely easy for end users to get the benefits of single sign-on, OS state roaming, and management capabilities.


This will work with both Microsoft Intune and with 3rd party MDM solutions. In this blog post I’ll show you how ease and transparent this process is and how powerful the integration is of Microsoft Online Services and Windows 10!

Continue reading “Integrate your Microsoft Intune device enrollment with Azure AD!”

The Enterprise Mobility Suite Portal Survival Guide

survival-guide I’m more than happy being your tour guide for today and walkthrough the various portals that the Microsoft Enterprise Mobility Suite (EMS) houses. For those who are involved with EMS, this might be a handy overview of all current available portals. I often heard  that it is not always clear which portal you need and where you can find it. In this blog I’ll do my best to cover all the portals including their purpose.

Continue reading “The Enterprise Mobility Suite Portal Survival Guide”

How Azure AD Premium & Office 365 improves Collaboration

So you’ve always wondered what it takes to improve both collaboration and business processes in your organization, which results in employees being more productive? Do I’ve your attention…read on!

With Microsoft Azure and Office 365, Microsoft offers you a (cloud) platform with a huge potential to optimize and boost your business. In this blog I’ll illustrate this with a simple example of how you can use these cloud services to improve collaboration within your organization.

Coming together is a beginning; keeping together is a progress; working together is a success.

Continue reading “How Azure AD Premium & Office 365 improves Collaboration”

Azure AD Premium Public Preview Features…a closer look


Microsoft is continuously improving their Azure cloud services while new features get introduced in rapid pace. In this blog I want to consider some new Azure Active Directory Premium features which are currently in public preview. ’These features are:

  • Dynamic Groups
  • Azure Application Custom Domain publishing
  • Azure Conditional Application Access

Continue reading “Azure AD Premium Public Preview Features…a closer look”

Assign EMS licenses based on Local Active Directory Group Membership



As all roads lead to Rome there are many ways to assign Enterprise Mobility Suite (EMS) licenses to end-users. This can be a manual process or automated by using PowerShell. Both options have in common that you must be a global administrator of your Azure subscription to assign these licenses.

The majority of the available public resources and publications describes the (manual) process bassed on per user- or group assignment through the Azure Management Portal. Downside of assigning EMS licenses through the Azure Management Portal or by PowerShell is that you must be a member of the global administrator user role. A right you want to keep to a limited number of accounts, further these accounts are often not responsible for such tasks as assigning licenses.

Continue reading “Assign EMS licenses based on Local Active Directory Group Membership”