Part 1 – Deploying Microsoft Intune PFX connector in an Enterprise world…common practices

Last year I had the change to implement PFX certificate infrastructure for a large enterprise customer. Occasion of the project was a migration of Citrix XenMobile (XDM) to Microsoft Intune as strategic mobile device- and application management solution.

microsoft-intune-pfx-connector-architecture-overview
Microsoft Intune PFX connector certificate deployment architecture.

In a series of blogposts I’m sharing my experiences, design decisions, common practices and challenges of implementing Microsoft Intune PFX connector as certificate deployment mechanism in an enterprise environment.

  • Part 1 – Deploying Microsoft Intune PFX connector in an Enterprise world: common practices
  • Part 2 – Deploying Microsoft Intune PFX connector in an Enterprise world: troubleshooting
  • Part 3 – Deploying Microsoft Intune PFX connector in an Enterprise world: lessons learned

Continue reading “Part 1 – Deploying Microsoft Intune PFX connector in an Enterprise world…common practices”

Windows Information Protection…notes from the field! #MSIgnite

Windows Information Protection (WIP), previously known as enterprise data protection (EDP), helps organizations to protect corporate data against potential data leakage.

information-protection-needsThe concept is fairly simple and is actually based on defining two lists:

  • A corporate boundary list, which represents both on-premise & cloud network locations where managed apps can access corporate data;
  • A list of managed (trusted) apps, which are allowed to open, modify & store corporate data within the corporate boundary list.

In this blog we will look at some practical examples which you have to consider for a successful implementation of Windows Information Protection including a top 4 of recommended practices.

Continue reading “Windows Information Protection…notes from the field! #MSIgnite”

Important! Updated Microsoft Intune Company Portal app for iOS supports only iOS 8.0 or higher.

image

In case you missed it, Microsoft recently announced the Microsoft Intune Company Portal app for iOS will be updated. Why this might be important to you?

Why updating?

As Apple releases new versions of iOS, they release new functionality, so there is a lack of functionality available on older iOS versions. Ending support for these older versions and encouraging end users to upgrade leads to a better end-user experience and allows us to prioritize the release new functionality for customers. This adjustment to support iOS 8.0 and later brings the iOS Company Portal app into alignment with the version support of the Office apps and many other Microsoft (and non-Microsoft) apps

Continue reading “Important! Updated Microsoft Intune Company Portal app for iOS supports only iOS 8.0 or higher.”

Programma System Center Summer Night 2016 bekend!

SCUG.6001_summer_night_bbq_V01

Nog een kleine maand te gaan en dan is het zover –  de System Center Summer Night 2016! De afgelopen week hebben we hard gewerkt om het programma rond te krijgen. En met succes! Naast keynote spreker Andrew de la Haye hebben we een groot aantal Microsoft sprekers, Microsoft MVP’s en experts bereid gevonden om te komen spreken tijdens de System Center Summer Night. Een gevarieerd programma met maar liefst 9 sessies, uiteenlopend van Azure Stack tot The Modern Workplace, Incident response team tot Infrastructure as Code en van Configuration Manager Sneak Preview tot een blik op de toekomst van het internet!

Mede dankzij onze sponsoren hebben we de luxe om ook de toegang tot dit evenement GRATIS aan te kunnen bieden (hier over later meer). Inschrijven voor de System Center Summer Night 2016 – op donderdag 23 juni – doe je hier.

Continue reading “Programma System Center Summer Night 2016 bekend!”

Customize Windows 10 Start menu with Configuration Manager (MDM) or Microsoft Intune #OMA-URI

Undoubtedly you ever been asked the question to customize the Windows 10 start menu? Your response might be like “Sure, I’ll fix this by group policy, imaging (task sequence) or last resort by manually importing a .xml file.” All – almost all – valid options in a fully managed environment where your clients are domain joined (Active Directory) and/or fully managed by Configuration Manager or MDT. But hey what about your non-domain joined Windows 10 devices which are outside the company and managed by Microsoft Intune (MDM)? Well OMA-URI is your best friend! Smile

Configuration Service Provider (CSP)

In Windows 10 Enterprise and Windows 10 Education, you can use a mobile device management (MDM) policy to deploy a customized Start layout to users. No reimaging is required, and the Start layout can be updated simply by overwriting the .xml file that contains the layout. This enables you to customize Start layouts for different departments or organizations, with minimal management overhead. With Microsoft Intune (MDM), you define the Start layout using an OMA-URI setting, which is based on the Policy configuration service provider (CSP).

Continue reading “Customize Windows 10 Start menu with Configuration Manager (MDM) or Microsoft Intune #OMA-URI”

KB3002291: MDM settings are not applied to cloud-managed users in Configuration Manager 2012 R2

hotfixJust drop you a quick line a new hotfix for Configuration Manager 2012 R2 is released which improves the process of getting policies applied to mobile devices. When a user becomes a cloud-managed user (CloudUserID), a settings policy may not target the assignment for the user this due to different user(s) with same clouduserID. This behavior was introduced by CU2 and CU3.

  • This problem affects only environments that use the Intune Connector together with Configuration Manager 2012 R2.
  • This problem occurs only when Cumulative Update 2 or Cumulative Update 3 for Configuration Manager is installed.

To apply this hotfix, you must have Cumulative Update 2 or Cumulative Update 3 for System Center 2012 R2 Configuration Manager installed.

For more details and download see http://support2.microsoft.com/kb/3002291

For a complete list of all available hotfixes and update please consult the List of Public Microsoft Support Knowledge Base Articles wiki page.

Cumulative Update 2 for Configuration Manager 2012 SP1 available for download! #sysctr

Thanks to my colleague Tom Klaver for pointing me the fact Cumulative Update 2 (CU2) for System Center Configuration Manager 2012 SP1 has been released. CU2 contains fixes for Microsoft System Center 2012 Configuration Manager Service Pack 1 (SP1).

Configuration Manager 2012 SP1 CU2 – version 5.0.7804.1300 

Configuration Manager 2012 SP1 CU2 – version 5.0.7804.1300

Use the following references how to install this cumulative update:

To install client updates during the Configuration Manager client installation in a Task Sequence:

Cumulative Update 2 for Configuration Manager 2012 SP1 can be requested here.

Continue reading “Cumulative Update 2 for Configuration Manager 2012 SP1 available for download! #sysctr”